Custom Query (3713 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (901 - 1000 of 3713)

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
Ticket Summary Status Owner Type Priority Milestone
#9243 Https Everywhere kills Copy'n'paste in Firefox 22.0 needs_information pde defect normal
Description

Since installing https everywhere version 3, I've noticed that when attempting to copy and paste any content from within any webpage (URL, body of text, etc.) that it will not paste into the body of an email, Windows' own text editors, another open tab's page, etc. I am currently using Win 7 Home Premium with all the latest updates. Copying and pasting within a webpage or within an open tab usually (but not consistently) works.

I'm not a hacker or a programmer. Just a user who wants to be secure and thought you should know!

#9245 Black Screen, disappearing buttons needs_information tbb-team defect major TorBrowserBundle 2.2.x-stable
Description

I deleted all of the files, and re-downloaded Tor Bundle, and it is not helping. The menus near the address bar are black, the screen is black, the orange Tor Browser thing is black. The computer has been restarted and it didn't help, the Browser itself has been closed and opened and that didn't help. It worked fine two days in a row, three days ago, and it started this yesterday. It worked fine all the other times I used it throughout my time. My Google Chrome has been acting weird on a specific website (going slow, logging me out, pages are blank) but I don't see how those two could be connected. I have two screenshots I'm going to figure out how to post. I am not sure what's going on, how to fix it or what it means. Could anybody help me? Thank you. Also I couldn't find it on the "version" tab, but it is 2.3.25-10 for Windows.

#9248 problem when using Vidalia to connect to a running tor instance (system tor) new chiiph defect normal
Description

Hi,

is this a bug or expected behavior:

https://lists.torproject.org/pipermail/tor-talk/2013-June/028661.html

thanks!

#9250 strange TERM signal needs_information erinn defect normal
Description

User on ticket #11560 experiences a TERM signal:

jul 05 09:12:59.619 [Notice] Tor v0.2.3.25 (git-17c24b3118224d65) running on Windows 7. jul 05 09:12:59.619 [Notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning jul 05 09:12:59.619 [Notice] Read configuration file "C:\Users\Jordi\Downloads\Tor Browser\Data\Tor\torrc". jul 05 09:12:59.619 [Notice] Initialized libevent version 2.0.21-stable using method win32. Good. jul 05 09:12:59.619 [Notice] Opening Socks listener on 127.0.0.1:9150 jul 05 09:12:59.619 [Notice] Opening Control listener on 127.0.0.1:9151 jul 05 09:12:59.833 [Notice] Parsing GEOIP file .\Data\Tor\geoip. jul 05 09:13:01.536 [Notice] No AES engine found; using AES_* functions. jul 05 09:13:01.536 [Notice] This OpenSSL has a good implementation of counter mode; using it. jul 05 09:13:01.536 [Notice] OpenSSL OpenSSL 1.0.0k 5 Feb 2013 looks like version 0.9.8m or later; I will try SSL_OP to enable renegotiation jul 05 09:13:01.536 [Notice] Reloaded microdescriptor cache. Found 3896 descriptors. jul 05 09:13:01.536 [Notice] We now have enough directory information to build circuits. jul 05 09:13:01.536 [Notice] Bootstrapped 80%: Connecting to the Tor network. jul 05 09:13:01.536 [Notice] New control connection opened. jul 05 09:13:02.520 [Notice] Heartbeat: Tor's uptime is 0:00 hours, with 5 circuits open. I've sent 0 kB and received 0 kB. jul 05 09:13:02.520 [Notice] Bootstrapped 85%: Finishing handshake with first hop. jul 05 09:13:03.107 [Notice] Catching signal TERM, exiting cleanly.

#9266 Dailymotion.com broken videos new pde defect normal
Description

I can't see videos on dailymotion.com anymore with HTTPS Everywhere enabled. Error 2101 on their player.

#9269 ARM uncaught exception if ORPort contains an IP address new atagar defect minor
Description

If I set ORPort not to just a portnumber (like 443) but to IP:port, arm outputs a python stacktrace like this:

Exception in thread Thread-5:
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 552, in __bootstrap_inner
self.run()
File "/usr/share/arm/cli/connections/connPanel.py", line 282, in run
self._update()            # populates initial entries
File "/usr/share/arm/cli/connections/connPanel.py", line 486, in _update
newEntries.append(circEntry.CircEntry(circuitID, status, purpose, path))
File "/usr/share/arm/cli/connections/circEntry.py", line 34, in __init__
self.update(status, path)
File "/usr/share/arm/cli/connections/circEntry.py", line 53, in update
self.lines[0].setExit(exitIp, exitORPort, path[-1])
File "/usr/share/arm/cli/connections/circEntry.py", line 84, in setExit
connEntry.ConnectionLine.__init__(self, "127.0.0.1", "0", exitIpAddr, exitPort, False, False)
File "/usr/share/arm/cli/connections/connEntry.py", line 254, in __init__
self.sortPort = int(self.foreign.getPort())
      ValueError: invalid literal for int() with base 10: '256.256.256.256:443'                                                                               

(replace 256.256.256.256 with an actual IP address)

#9276 Remove JS-Ctypes dependency from HTTPS-Everywhere new pde defect normal
Description

We want to disable ctypes at compile time in TBB for sandboxing reasons, but the SSL Observatory relies on ctypes to convert a certificate into a byte array. There's got to be a non-ctypes way to do this.

For now, it simply breaks the SSL Observatory cert submission in TBB, but that's not ideal either.

#9285 Tor Taskbar button invokes non-Tor browser new tbb-team defect normal
Description

OS: Windows 7. Steps to reproduce:

  • Start your regular, non-secure browser. (In my case, this is Firefox.)
  • Start Tor and wait for Vidalia and the TorBrowser window to open.
  • Right-click the TorBrowser tile in the taskbar; this should pop up a menu with "TorBrowser", "Pin this program to taskbar", and "Close window" as choices.
  • Select "TorBrowser" from this menu.

Expected result: Either a new TorBrowser window should open, or the existing TorBrowser window should be brought to the foreground, probably with a new tab having been opened within it. Actual result: My (non-secure) Firefox window gets focus, and opens a new tab.

#9290 Use something other than "known relay" to decide on rate in connection_or_update_token_buckets_helper() new defect normal Tor: 0.2.???
Description

On #tor-dev , Beeps says:

13:18 < Beeps> connection_or_update_token_buckets_helper() will not limit speed
               if relay knows desc. You can upldoad desc to any auth. Before
               limit speed you need protect all auths or limit speed for them.
               5 of them are victims for cheaters for now.

In other words, anybody can get the higher limit from an authority by uploading a descriptor with their ID, whether they're really a relay or not. That's annoying.

One fix would be to change the behavior of connection_or_digest_is_known_relay to require that the relay be present in the consensus. (Would this hurt bandwidth measurement?)

#9294 Open an onion page new tbb-team defect normal
Description

Hello i am using: firefox v17.0.6, vidali 0.2.21, tor 0.2.3.25 (git-17c24b3118224d65)

I am testing opening an .onion page and gives me this error:

XML Parsing Error: unexpected parser state Location: jar:file:///home/ovnicraft/Downloads/tor-browser_en-US/App/Firefox/omni.ja!/chrome/toolkit/content/global/netError.xhtml Line Number 308, Column 50: <div id="ed_netReset">&netReset.longDesc;</div>


#9307 Can't connect to remote tor new chiiph defect normal
Description

Vidalia is unable to connect remote tor server.

For example I have a Tor on a Linux server and trying to control it with Vidalia from my desktop. I provide valid IP, TCP port and password in Vidalia settings (these credentials are suitable to control remote Tor with telnet), nevertheless Vidalia says that Tor is not running.

Also it's very strange for such "remote" use scenario, that Vidalia requires tor executable name. If I leave tor executable name empty, the message box "Error saving settings", "You must specify the name of your Tor executable" appears. I wouldn't have tor installed on my desktop. I've got a server for such purposes.

Google says that same error was reported and solved 6 years ago in old Trac: https://trac-vidalia.torproject.org/projects/vidalia/ticket/271

Maybe this bug is trivial and developers are able to fix it in 5 minutes. If not I can try to fix it myself and provide patch.

#9312 Tor: the proxy server is refusing connections (Mac OS X) needs_information tbb-team defect blocker TorBrowserBundle 2.2.x-stable
Description

I this log is just frome me trying to go to https://encrypted.google.com/.

This is from the Tor message log (advanced) with all message filters enabled.

Jul 23 14:36:09.887 [Info] routerlist_remove_old_routers(): We have 0 live routers and 0 old router descriptors. Jul 23 14:36:12.474 [Info] Monitored process 320 is still alive. Jul 23 14:36:27.474 [Info] Monitored process 320 is still alive. Jul 23 14:36:42.474 [Info] Monitored process 320 is still alive. Jul 23 14:36:57.474 [Info] Monitored process 320 is still alive. Jul 23 14:37:04.887 [Debug] count_usable_descriptors(): 4094 usable, 4094 present. Jul 23 14:37:04.904 [Debug] count_usable_descriptors(): 871 usable, 871 present. Jul 23 14:37:10.887 [Info] routerlist_remove_old_routers(): We have 0 live routers and 0 old router descriptors. Jul 23 14:37:12.474 [Info] Monitored process 320 is still alive. Jul 23 14:37:27.474 [Info] Monitored process 320 is still alive.

#9313 RunAsDaemon=1 reported as "Unneeded torrc entry" new erinn defect minor
Description

arm version 1.4.5.0 (released April 28, 2012) Tor v0.2.3.25 (git-3fed5eb096d2d187) Both under Ubuntu Precise.

arm complains:

[ARM_NOTICE] Unneeded torrc entries found. They've been highlighted in blue on the torrc page.
   - entry matches its default value: RunAsDaemon (line 4)

I have RunAsDaemon set to 1, and docs at https://www.torproject.org/docs/tor-manual.html.en say (Default: 0).

#9314 mixed content error with Kelley Blue Book Co. ruleset new pde defect normal
Description

The ruleset for Kelley Blue Book Co. causes the site to display incorrectly due to mixed content.

#9328 o2online.de Live Check not working with enabled SSL strictness accepted MB defect normal
Description

With enabled HTTPS Everywhere, http://www.o2online.de/microsite/o2-netz/live-check/ does not load additional JavaScript from a non-SSL CDN

#9330 Pluggable Transports on windows are killed with TerminateProcess new asn defect normal
Description

The pluggable transport that I am writing needs to do cleanup on shutdown (It write files to the pt_state directory, and use a child process).

The way that tor terminates pluggable transports under Windows currently is via ProcessTerminate (common/util.c:tor_terminate_process), which is the rough windows equivalent of SIGKILL (Immediate termination, no child processes killed, no further code in the application gets executed).

In theory Tor is supposed to send SIGINT for a graceful shutdown but it doesn't appear to be doing this on Windows (Does it do this at all? obfsproxy doesn't appear to install a SIGINT handler to handle graceful teardown per the PT spec), and furthermore Microsoft's documentation hints at horrible evil happening if SIGINT is actually used (http://msdn.microsoft.com/en-us/library/xdkz3x12%28v=vs.110%29.aspx).

Some way to properly handle graceful shutdown that works across all platforms would be nice. Apparently the way Real Windows Apps approach this problem is with GenerateConsoleCtrlEvent or with PostMessage, neither which are portable.

Note: I don't do Windows development as a general rule so I may be missing something obvious.

#9336 Odd wyswig schemes without isolation for browserspy.dk new tbb-team defect major
Description

http://browserspy.dk/screen.php causes some odd urls to appear in about:cache without domain isolation.

We should investigate why these urls are not properly isolated, and perhaps where they come from.

#9343 vertical shift icons of addonbar new pde defect normal HTTPS-E 4.0dev9
Description

Several icons of addonbar be vertical shift when use https-everywhere-4.0dev.8 and dev.9

http://s2.ipicture.ru/uploads/20130727/LFWeslLK.png

When use https-everywhere-4.0development.7 no bugs.

#9344 Cannot set tor browser as default browser nor open any link through it (even command-line) new tbb-team defect major TorBrowserBundle 2.3.x-stable
Description

I'm using linux and trying to make tor as default browser. But running commands like

/home/user/tor-browser_ru/App/Firefox/firefox -no-remote -profile /home/user/tor-browser_ru/Data/profile -new-tab https://ya.ru

gives me msgbox with «Firefox is already running, but is not responding. To open a new window, you must first close the existing Firefox process, or restart your system.»

I don't understand you at this point if that is not a bug. Because the main purpose of using tor-browser is to make internet-surfing safe. And openning links from your messengers in tor-browser (i.e. using it by default) seems to me an obviously logical solution.

Ksana.

#9350 Sorting by number of relays in Compass is alphabetically, not alphanumerically new gsathya defect normal
Description

Way to reproduce this:

  • go to https://compass.torproject.org/
  • group relays by country
  • hit submit
  • click on fingerprint table header to sort in ascending order
  • click on fingerprint table header again to sort in descending order
  • note how, e.g., (96 relays) comes before (887 relays)
#9360 increase font size in trac new erinn defect minor
Description

Whenever I visit trac I find the fonts hard to read. The file https://trac.torproject.org/tor.css has the following lines inside:

body, th, td {
 font: normal 13px Verdana,Arial,'Bitstream Vera Sans',Helvetica,sans-serif;
}

So the font-size is set to 13px. I would propose to change it to 1.0em. This sets the font-size to the value the users has set for normal texts. So it should reflect the users choice.

Maybe can also change the font sizes of the headings. The current setting in tor.css is:

h1 { font-size: 19px; margin: .15em 1em 0.5em 0 }
h2 { font-size: 16px }
h3 { font-size: 14px }

In relative terms the settings should be like:

h1 { font-size: 1.5em; margin: .15em 1em 0.5em 0 }
h2 { font-size: 1.2em }
h3 { font-size: 1.1em }
#9372 HTTPS Everywhere partially breaks the InfoQ presentation videos new pde defect normal
Description

When you're viewing any presentation from the InfoQ website http://www.infoq.com/presentations/ without HTTPS Everywhere, you'll see little gray bars in the video time line, marking the moment when the presenter changes its slide.

If you activate HTTPS Everywhere, those marks won't appear. A simple workaround I found is to disable Cloudfront in the HTTPS Everywhere rule set.

#9402 Vidalia Bridge Bundle: Wrong path to tor.exe prevents vidalia from starting tor new erinn defect major
Description

I just downloaded [1] and checked its GPG signature.

After installing it, it fails to start tor.exe, because the path to the file is wrong.

Vidalia assumes tor.exe to be in

C:\Program Files (x86)\Tor\tor.exe

but there is no such folder: C:\Program Files (x86)\Tor\

Running a search shows that tor.exe is located here:

C:\Program Files (x86)\Vidalia Bridge Bundle\Tor\tor.exe

Setting the correct path to tor.exe in vidalia fixes this issue.

Inexperienced users will not be able to find and fix the problem and therefor will be unable to setup a tor bridge.

I'm happy to test any updated (test) packages or to provide further information if needed.

[1] https://www.torproject.org/dist/vidalia-bundles/vidalia-bridge-bundle-0.2.3.25-0.2.21-2.exe

#9409 Latest TBB Firefox crashes on page load new tbb-team defect normal
Description

Going to this page makes Firefox freeze under Win 8, x64. Latest TBB (0.2.3.25). http://beforeitsnews.com/alternative/

#9411 pyptlib.server.reportSuccess documentation misses required options parameter new asn defect minor
Description

https://pyptlib.readthedocs.org/en/master/API.html#report-results-back-to-tor has this example:

pyptlib.server.reportSuccess('rot13', ('127.0.0.1', 42042))

But this doesn't work, because of a required third options parameter:

TypeError: reportSuccess() takes exactly 3 arguments (2 given)

So reportSuccess should be documented to need None as a third argument if you don't need any options, or options should be made an optional parameter.

#9413 The proxy server is refusing connections new chiiph defect blocker TorBrowserBundle 2.3.x-stable
Description

Vidalia Control Panel is showing the status as green and connected to the Tor network. Everything in the message log looks fine, but the browser is saying that Firefox is configured to use a proxy server that is refusing connections. I have looked online for a solution and I cannot find one. I have tried using the proxy settings that came with it and using proxy settings for my version of Firefox. I have also tried using only ports 80/443. I have disabled Norton 360. I cannot figure out how to get past this screen. Please let me know what additional information you need.

#9417 sergii needs upgrading to wheezy new defect normal
Description

I would like to ugprade sergii to wheezy. When is a good time for you?

#9418 bahri needs upgrading to wheezy new kaner defect normal
Description

I would like to ugprade bahri to wheezy. When is a good time for you?

#9419 update tordnsel to work with debian wheezy ghc libs needs_review defect normal
Description

tordnsel doesn't run on wheezy due to updated ghc libs, see https://lists.torproject.org/pipermail/tor-dev/2013-July/005157.html

We should update the code to work.

#9426 multicast connection tries new defect normal Tor: unspecified
Description

local firewall log reports that Tor version 0.2.3.25 (git-17c24b3118224d65) tries to connect to multicast destinations. Seven tries per multicast destination and roughly ten different multicast destinations per day.

That means option ExtendAllowPrivateAddresses (default: 0) doesn't deal with multicast destinations.

Do we missing something?

#9431 Zotero addon depends on js-ctypes new tbb-team defect normal
Description

When updated to "Tor Browser Bundle 3.0alpha3" Zotero (https://www.zotero.org/download/) add-on stopped working: when attempted to start it from Tools -> Zotero I get: "There was an error starting Zotero." Zotero's preferences opened by Addons -> Preferences work just fine.

Last version of TBB to work with Zotero is "Tor Browser Bundle 3.0alpha2". No matter what version of Zotero is installed I get the same error msg.

Other bundles (2.3 & 2.4) as well as Mozilla's 17.0.8 work just fine.

Following error msg from Error Console seems crucial to me:

Error: Component returned failure code: 0x80520012 (NS_ERROR_FILE_NOT_FOUND) [nsIXPCComponents_Utils.import]
Source File: chrome://zotero/content/xpcom/ipc.js
Line: 289

All errors after TorBrowser start:

Timestamp: 10.8.2013 09:13:59
Error: no element found
Source File: moz-nullprincipal:{452ad7e9-a05a-44bf-a96a-b2b1730a7b72}
Line: 18

--

While creating services from category 'profile-after-change', could not create service for entry 'SSLObservatory', contract ID '@eff.org/ssl-observatory;1'

--

Timestamp: 10.8.2013 09:13:59
Error: NS_ERROR_FILE_NOT_FOUND: Component returned failure code: 0x80520012 (NS_ERROR_FILE_NOT_FOUND) [nsIXPCComponents_Utils.import]
Source File: file:///home/newman/bin/TorBrowserBundle/3.0-test/tor-browser_en-US/Data/profile/extensions/https-everywhere@eff.org/components/ssl-observatory.js
Line: 29

--

Timestamp: 10.8.2013 09:14:02
Warning: Selector expected.  Ruleset ignored due to bad selector.
Source File: chrome://torbutton/skin/torbutton.css
Line: 16

--

Timestamp: 10.8.2013 09:14:02
Error: Component returned failure code: 0x80520012 (NS_ERROR_FILE_NOT_FOUND) [nsIXPCComponents_Utils.import]
Source File: chrome://zotero/content/xpcom/ipc.js
Line: 289

--

Timestamp: 10.8.2013 09:14:02
Error: this.docShell is null
Source File: chrome://global/content/bindings/browser.xml
Line: 323

--

Timestamp: 10.8.2013 09:14:02
Error: TypeError: alist.populate_list is not a function
Source File: chrome://https-everywhere/content/toolbar_button.js
Line: 142

--

Timestamp: 10.8.2013 09:14:02
Warning: Error in parsing value for 'width'.  Declaration dropped.
Source File: about:tor
Line: 0

--

I suspect the fix for ticket 6152 may have caused it.

#9434 Ftp ip leaks from TBB new tbb-team defect normal TorBrowserBundle 2.3.x-stable
Description

The test of TBB showed different ips for ftp and https. After I put Vidalia's socks address into the ftp field of torbutton and did the test again I got only one ip address. What's wrong with the tor browser bundle? Jondo developers claim that users should add the proxy into all fields of the browser. But it is impossible to put socks proxy of TBB into http field because Tor Browser won't work in this case.

#9439 .pdf open app does not display new tbb-team defect normal
Description

Good Day . . .

Am using Linux Tor Browser Bundle in Kubuntu 12.04.2 LTS (up to date) - Vidalia 0.2.21 - Tor 0.2.3.25 (git - 17c24b3118224d65) - Qt 4.8.1

In the Firefox browser, I click on .pdf file - window opens telling me that an outside app is needed - click Launch Application - I click on window that says Open with Okular - I see the download window - appears to have successfully downloaded .pdf file - Okular does not open! - this is consistent across many sessions

The same result occurred with the previous version that I only used for a few days prior to getting this latest version

I apologise but I cannot see where this issue belongs in Components

#9449 HTTPS Everywhere v. Disqus new pde defect normal
Description

I am using Firefox 23 with HTTPS Everywhere 3.3.1. I have disabled it as it is not allowing Disqus to load on any site that uses Disqus. Disqus will attempt to load, then give the "too long...reload?" message. Nither a reload of Disqus or the page itself resolves the issue with HTTPS Everywhere enabled.

#9451 de-anonymisation by readable @font-face CSS attribute - TBB settings update new tbb-team defect normal
Description

I've checked the TorBrowserBundle with JavaScript turned off via the testing tool on ip-check.info.

Turning JavaScript off seems to result in @font-face CSS attribute being readable. That might harm users' anonymity. What do you think?

Here's what the JonDonym developers tell us about it:

"The number and type of fonts installed on your system may, under certain circumstances, strongly contribute to your de-anonymization. Caution: Your fonts might even be read without JavaScript! This is possible, as a website may force loading web fonts if the respective font is not installed on your local computer. If the site forbids font caching, the fonts will be reloaded on any access.

If you ONLY see STRANGE, UNREADABLE SYMBOLS in this rating, your installed fonts are indirectly readable by this website.

In this case, the page may try to load hundreds of different font names using the "@font-face" attribute. If the respective font is installed on your system, the website notices that it is not loaded from the server. Hint: If it can read them, the fonts on your system enable a website to unambiguously recognize you in many cases.

Recommended: Prevent that your browser reloads fonts using the @font-face CSS attribute."

#9452 https everywhere conection failure (firefox) reopened pde defect normal
Description

when i try to install https everywhere on firefox i keep getting this message "the add-on could not be downloaded because of a connection failure of on www.eff.org"

#9456 TorBrowser bundle leak "local" information on when it was last used new tbb-team defect normal
Description

TorBrowser bundle leak "local" information on when it was last used .

This is because the local filesystem keep MAC (modified, access, creation) time.

It means that from a forensic analyst perspective it will be always possible to identify which is the last time the TorBrowser has been started (and probably when it has been closed) by carefully looking at the "atime" attribute of the filesystem in the directory where TBB is stored.

To fix this issue the TBB, on start and on close, should reset the "atime attribute" of all the files and directory where it is stored.

This can be done on all major filesystem with proper programming API (FAT32, NTFS, HFS, Ext4, etc) .

#9460 Tor AppArmor profile prevents obfsproxy from starting needs_review weasel defect major
Description

On Debian testing (jessi).

Aug 12 19:18:03 host kernel: [84758.245866] type=1400 audit(1376335083.727:270): apparmor="DENIED" operation="exec" parent=7228 profile="system_tor" name="/usr/bin/obfsproxy" pid=7290 comm="tor" requested_mask="x" denied_mask="x" fsuid=112 ouid=0

And subsequently, use of obfuscated bridges is not possible while the AppArmor profile is load.

#9461 Tor AppArmor profile prevents flashproxy-client from starting new weasel defect major
Description

Since #9460 and after looking at /etc/apparmor.d/system_tor I am certain, that Tor won't be allowed to execute flashproxy-client. (Didn't test.)

#9467 Imgur: unresolved redirect loops new pde defect normal
Description

Reported on https-everywhere-rules:

To whom it may concern:

https://gitweb.torproject.org/https-everywhere.git/commitdiff/364a9298e3c400b2702b3d04b406a84d98f6ccb2 attempted to enable coverage for all of (www.)imgur.com, but there are still many pages redirecting to http. It appears that the previous exclusions were never quite complete.

The homepage is the only thing that ever _stopped_ redirecting to http, as far as I could notice. It later resumed redirecting (see https://bugzilla.mozilla.org/show_bug.cgi?id=866986#c7 ).

These paths redirect to http:

  • random$
  • gallery/ (this includes image pages as well as a XHR made by the

homepage's infinite scroll feature)

  • a/[imageID]/embed
  • help$
  • tos$
  • removalrequest$
  • apps$

These paths don't:

  • register$
  • register/upgrade$
  • signin$
  • images/
  • include/
  • min/

Everything appears to be ok if we limit the coverage of (www.)imgur.com to: <rule from="http://(www\.)?imgur\.com/(images|include|min|register|signin)(/|\?|$)" to="https://$1imgur.com/$2$3"/>

There is a bit of coverage we could add, though: store.imgur.com = imgur-store.myshopify.com

I haven't yet tested with an account. (This message doesn't strictly apply to the 3.x stable branch, because the Imgur ruleset is disabled there, though the exclusions are incomplete as explained.)

  1. Liu
#9471 Pinterest: possible issue with stylesheets new pde defect normal
Description

To whom it may concern:

developers.pinterest.com uses a stylesheet from http://passets-ak.pinterest.com/webapp/app/desktop/bundle.da99a7cd.css or http://passets-ec.pinterest.com/webapp/app/desktop/bundle.74f12d61.css (the CDN in use changes sometimes; the passets-ak subdomain isn't covered yet, but it appears identical to the other passets subdomains).

The problem is that rewriting these to Akamai causes some relative paths in the stylesheet to behave wrongly (i.e., be interpreted relative to the root of a248.e.akamai.net), resulting in at least a missing image.

It is possible that stylesheets elsewhere within Pinterest could be similarly affected, though I'm not aware of any specifically.

It looks like this can be solved by rewriting the passets stuff to s-passets-ec.pinimg.com instead.

Also, the pinterest.com homepage seems to have started enforcing https recently, so let's try removing the homepage from the exclusions. (I'm still not a registered user, though) Finally, there should probably be a trivial rewrite for en.help.pinterest.com .

(This message doesn't strictly apply to 3.x due to the Pinterest ruleset being disabled there.)

  1. Liu
#9472 Freshdesk: assets and static\d need fix new pde defect normal
Description

From https-everywhere-rules:

To whom it may concern:

assets.freshdesk.com is hosted on S3 (s3.amazonaws.com/assets.freshdesk.com/)

static[1-4] are hosted on CloudFront (d3o14s01j0qbic.cloudfront.net)

These need to have rules added before the one that handles arbitrary subdomains. (That rule should probably have a comment saying "Clients have unique subdomains," to clarify what it is / is not intended to handle.)

  1. Liu
#9473 Cheezburger: update on support subdomain new pde defect normal
Description

To whom it may concern:

I previously mentioned that support.cheezburger.com doesn't have a matching certificate due to being hosted by Freshdesk.

It turns out that it is possible to rewrite it to cheezburger.freshdesk.com, but (if I understand correctly) we should only do that for 4.x. Since there is no Freshdesk ruleset in the 3.x branch, we should just exclude the domain to avoid issues with mixed active content.

(Discussion about mixed content elsewhere in Cheezburger will follow in a separate email.)

  1. Liu

P.S. Some other outstanding issues, which I mentioned previously but may have gotten lost in the shuffle:

  • images.cheezburger.com needs to be rewritten to i.chzbgr.com to

avoid a cert error due to EdgeCast (for examples of use, see www.cheezburger.com/site-directory and jobs.cheezburger.com )

  • developer.cheezburger.com has started supporting/enforcing https, so

it shouldn't be excluded/downgraded

#9475 Vidalia - Crash with EXIT CODE 134 new chiiph defect normal
Description

Hello . . .

Using Vidalia 0.2.21 - Tor 0.2.3.25 (git-17c24b3118224d65 - Kubuntu 12.04.2 (up to date) - KDE 4.10.5 (up to date)

Started tor with ./start-tor-browser - Vidalia appeared - clicked flashing Message Log button (message was Tor running) - chose icon Save All button - crash with message "Vidalia exited abnormally EXIT CODE 134"

Tried this a few times with the Save All button but only ever received the error message - nothing else - I don't really know what the Save All button saves

Tried ./start-tor-browser --debug and the messages were

"Debug enabled. Starting Vidalia now Launching Vidalia from: /home/????? Aborted (core dumped) Vidalia exited with the following return code: 134"

This parallels another bug report from a few years back but it was subsequently abandoned.

Hope this helps. Keep up the good work.

#9476 Completely drop support for Tor 0.2.2.x new defect major Tor: 0.2.7.x-final
Description

We should remove 0.2.2.x from the recommended version list.

We should stop accepting Tor 0.2.2.x nodes in the network: that release series is completely unsupported.

Finally dropping 0.2.2.x will let us start deprecating things that we'd like to throw away, like the renegotiation-based handshake.

#9479 twistedmatrix.com cannot load. Invalid security certificate. new pde defect normal
Description

https://twistedmatrix.com/ breaks with this error message:

twistedmatrix.com uses an invalid security certificate.

The certificate is not trusted because no issuer chain was provided.

(Error code: sec_error_unknown_issuer)
#9481 Header value being duplicated new pde defect major
Description

When using HTTPS Everywhere for Chrome I've tracked down some errors with headers not being passed properly. Some of the headers returned from the service actual end up being doubled when HTTPS Everywhere is enabled.

I tracked this down in an application I'm writing that makes CORS HTTP Requests to the Dropbox API. I was seeing "SyntaxError: Unexpected token , " errors similar to this issue: https://trac.torproject.org/projects/tor/ticket/5952 but not in relation to Bootcamp. As I dug into the issue it became clear that a header that was supposed to be JSON was malformed.

After inspecting the header through Chrome's Network panel, and then through another proxy (to ensure it wasn't the server sending a double header) it became clear that the server was sending a valid response, but javascript inside of Chrome was seeing a broken response. The headers for the actual request are similar to the following:

HTTP/1.1 200 OK Server: nginx Date: Sat, 10 Aug 2013 11:26:57 GMT Content-Type: text/plain; charset=ascii Content-Length: 203 Connection: keep-alive accept-ranges: bytes x-dropbox-metadata: {"revision": 7, "rev": "7130446f9", "thumb_exists": false, "bytes": 203, "modified": "Fri, 09 Aug 2013 11:55:51 +0000", "client_mtime": "Fri, 09 Aug 2013 11:54:52 +0000", "path": "/some_file", "is_dir": false, "icon": "page_white", "root": "app_folder", "mime_type": "application/octet-stream", "size": "203 bytes"} x-server-response-time: 200 etag: 7n x-dropbox-request-id: 5fcfa0e9c0b1f00039d8901aaaad6738 pragma: public cache-control: max-age=0 Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Accept-Ranges, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time X-RequestId: f89f279185cc3bcf4c5deeeeaaaeaaaa

The header that I was having problems with is the x-dropbox-metadata header. The value returned from the server was valid, but when javascript called xhr.getResponseHeader('x-dropbox-metadata') or xhr.getAllResponseHeaders() the value for 'x-dropbox-metadata' would be the correct value twice comma separated. So in this case we would see:

{"revision": 7, "rev": "7130446f9", "thumb_exists": false, "bytes": 203, "modified": "Fri, 09 Aug 2013 11:55:51 +0000", "client_mtime": "Fri, 09 Aug 2013 11:54:52 +0000", "path": "/some_file", "is_dir": false, "icon": "page_white", "root": "app_folder", "mime_type": "application/octet-stream", "size": "203 bytes"}, {"revision": 7, "rev": "7130446f9", "thumb_exists": false, "bytes": 203, "modified": "Fri, 09 Aug 2013 11:55:51 +0000", "client_mtime": "Fri, 09 Aug 2013 11:54:52 +0000", "path": "/some_file", "is_dir": false, "icon": "page_white", "root": "app_folder", "mime_type": "application/octet-stream", "size": "203 bytes"}

This caused a syntax error when parsing this value as JSON which is the symptom I mentioned at the start.

This problem reproduces every time for me, until I disable https everywhere. I tried disabling each of my plugins one at a time, and found that HTTPS Everywhere reliably causes this problem.

#9488 lithium forum issue with SSO (VMware and Logmein.com) new pde defect normal
Description

hi,

the HTTPS rule for VMware and Logmein.com give me trouble with the forum provided by lithium. I can't login/sign in to the forum.

I first suspect ghostery or Refcontrol but it was the HTTPS Add-On.

Hope this ticket makes it in the google index so other people know which add-on blocked the sign-in for the mentioned pages forum / community part.

Version HTTPS 3.3.1 on firefox (could not find it in the ticket drop- down [no sort order])

#9491 HTTPS Everywhere update for asda ruleset new pde defect normal
Description

the asda.xml ruleset can be updated to include groceries.asda.com as a fully-supported subdomain since asda's recent website update.

#9494 Log fix facility and lines new defect minor Tor: 0.2.???
Description

These log entries (debug, domains) are either

  • missing facility

t [notice] Tor v0.2.3.25 (git-r) running on o. t [notice] Tor can't help you if you use it wrong! Learn how to t [notice] Read configuration file "/.../torrc". t [notice] Initialized libevent version 2.0.21-stable using method t [notice] Opening Socks listener on 127.0.0.1:9051 t [notice] Opening Control listener on 127.0.0.1:9050 t [warn] Fixing permissions on directory /.../tor

  • missing time, level and facility, and probably need one-lined

0 create 64 created 6494 relay

(644 relayed) (6494 delivered)

50 destroy

#9495 Must we still disable threads on *-*-solaris*? reopened defect minor Tor: 0.2.6.x-final
Description

Back in 2005, in 8753e7ef6530c14a6d35c477a11ff203008bde50 (svn:r4383), we disabled threading on Solaris, in order to prevent some lockup bug or other. Unfortunately, back in 2005 we weren't so good at tracking bugs, so I can't easily find who reported it or how we diagnosed it.

But this is eight years later. If there was really a platform bug, surely it's gotten better by now?

We could contact one of the two or three operators whose nodes report being "on SunOS", and ask them if their nodes still work after an explicit --enable-threads , I guess.

#9506 Size problem with HTTPS Everywhere toolbar button icon when used w/ Firefox new pde defect normal
Description

There is a compatibility issue/size problem with the HTTPS Everywhere 3.3.2 toolbar button icon in Firefox 20.0:

The HTTPS Everwhere icon steals vertical pixels, probably because it's oversize or in some other way doesn't respect the size limits that every other icon respects.

It actually steals pixels wherever you place it: If you place it in the menu bar, it increases the vertical height of that. If you place it in the address bar, it increases the height of that. If you place it in the bookmarks bar, it increases that. And if you place it in the status bar (which Firefox 20.0 only keeps if you use the Status-4-Evar add-on), then it increases the height of that.

I've taken a few screenshots to illustrate the problem, which I'll try to attach and also upload to imgur.

  • Screenshot 1 shows the normal situation without the HTTPS Everywhere icon (no pixels stolen). <http://i.imgur.com/SVLIcYf.png>
  • Screenshot 2 shows the HTTPS-E icon in the address bar (bar enlarged; vertical pixels stolen). <http://i.imgur.com/XAdzMzb.png>
  • Screenshot 3 shows the HTTPS-E icon in the bookmarks bar (now *that's* enlarged = pixels stolen from the browser window). <http://i.imgur.com/buy75Jl.png>
  • Screenshot 4 shows Screenshot 1 and 2 superimposed in the GIMP with near 50% transparency, and I used the measuring tool to see how many vertical lines of pixels get stolen from the browser window. It's ten lines that get stolen. (Yes, it looks like an eye disease; the misalignment is of course caused by the stolen pixels.) <http://i.imgur.com/cbl2Wip.png>

For people on smaller resolutions (and you'd be surprised how common 1024x768 and even smaller still is, and not just on smartphones either), again for people with lower resolution screens, vertical pixels, i.e. vertical lines in the browser window are incredibly precious, and every line that's stolen somewhat reduces usability. Also, if every other icon of every other extension/add-on can behave themselves and not steal pixels, then neither should HTTPS-E.

As I'm creating this ticket, HTTPS-E version 3.3.2 isn't listed in your version drop-down list, but that's what my HTTPS=E About window says it is. This may be a typo in either the about window or the drop-down (arguably, that may be another bug).

#9508 Google Geolocation Redirect new pde defect normal
Description

Google uses 302 redirect to redirect to localized Google for some source IPs. HTTPS Everywhere breaks the redirection.

For example it redirects google.com searches to (receive 302 to http://www.google.com.hk/) but HTTPS Everywhere rewrite the URL to http://encrypted.google.com.hk/ which does not exist

#9511 Status bar icon unnecessarily large needs_review pde defect normal
Description

As of HTTPS Everywhere 3.3.2, the icon in the Firefox status bar is made unnecessarily large by the number indicating how many sites were matched. This makes the entire status bar larger than normal. It would be very nice if there was a way to either disable the number, or have some other indicator (such as graying out the icon when no rules as active, as Stylish does).

#9521 "new identity" leaks memory in evenSuppressor.suppressEventHandling() new tbb-team defect normal
Description

According to skruffy, each tab that's open when you click 'new identity' contributes to more lost memory.

For normal tabs, when you close them, eventually the memory from them garbage collects or otherwise returns to the system. For tabs closed by new identity, it remains lost.

#9522 bug. needs_information defect normal Tor: unspecified
Description

[So 18. Aug 00:45:42 2013] Tor Software Error - The Tor software encountered an internal bug. Please report the following error message to the Tor developers at bugs.torproject.org: "set_options(): Bug: Acting on config options left us in a broken state. Dying. "Regards.

#9536 Doesn't respect CSP policies new pde defect normal
Description

Assume a site pulls scripts from a CDN, like cdnjs.cloudflare.com using the http protocol, and has a script-src of "http://cdnjs.cloudflare.com" set in the Content-Security-Policy header.

If a user with HTTPS Everywhere installed were to browse on the site, it would try to fetch the scripts using https, which is forbidden by the CSP header, thus breaking the site.

#9541 "Work Offline" button should stop/start tor (as well) new tbb-team defect normal
Description

On the Tor Browser Bundle 3.0alpha3 release

If you go to the menu -> Web Developer and press "Work Offline" it says:

"Tor unexpectedly exited."

Tor won't start when you disable this option again, you need to close and start the browser.

In my opinion, in addition to a NEWNYM function (#9442), there must also be the functions to stop or start Tor in this 3.0 version. The "Work Offline" button could use such functions too.

In short, there must be more control over the Tor network settings in the browser.

There is currently no way to temporarily disable Tor without closing the browser, even though I frequently need to do this.

#9542 Cannot login as cypherpunks on HS version of trac.torproject.org new erinn defect normal
Description

Every time I try to log in to the hidden service version of this site: http://vwp5zrdfwmw4avcq.onion/projects/tor

it accepts the usual account name and password, but it does not show status as logged in as cypherpunks.

What gives?

nonick

#9558 Windows: Tor browser bundle fails to start if working directory isn't set new chiiph defect normal
Description

If you start the Tor browser bundle directly (e.g. ShellExecute("c:\tools\tor browser\start tor browser.exe") without setting the working directory, an error message is shown:


Error Starting Tor


<p>Vidalia was unable to start Tor. Check your settings to ensure the correct name and location of your Tor executable is specified.</p>


Show Settings Cancel Help

StartTorBrowser.exe should be smart enough to use its own directory as the default path.

C:\tools\tor-browser-2.3.25-12_en-US.exe


#9568 unable to complete 2nd stage captcha on youtube new tbb-team defect normal
Description

I was using default settings for TBB except NoScript was enabled. NoScript did not indicate that it was blocking something. However the captcha appears as form with no decorations.

After answering the 2 words correctly, Google presents a string to copy and paste into another textbox in the form but that textbox does not appear. See attached screencap.

When i turn off NoScript and reload the page, the ReCaptcha appears in color with graphics and the 2nd stage doesnt occur.

#9570 Many changes to private browsing code of Firefox happened since 17esr out needs_revision mikeperry defect normal
Description

https://developer.mozilla.org/en-US/docs/Updating_addons_broken_by_private_browsing_changes

Torbutton will be broken by Firefox24ESR private browsing changes.

#9571 Tor donwloads stop needs_information defect normal
Description

I'm using Tor Bundle, but I don't know the version. (I deleted it a bit ago and now I'm waiting for this bug to fix before reinstaling it)

Whenever I put a file to download, it start to donwload slowly (as normal in tor, that's not the problem) but after a while tor decides to stop the download leaving a half downloaded file (for example, if I put to download a 10-minute video, it will download only 3 or 4 minutes of it). Also, starting a download when there is one active, tor tends to stop the older one (not allways). Another thing is that downloads take a time to start (conecting...) I don't know if it's due to natural tor slowness or is caused by conection problems that makes all the other things happen.

#9572 TBB opens link in firefox about upgrade new tbb-team defect normal
Description

Another day when I used TBB 2.3.25-12 a strange thing happened while I was just surfing anonymously and using TBB in a normal way.

Out of the blue without really doing an upgrade(neither manually nor automatically) Torbrowser started checking for addon compatibility, the check that usually starts right after an upgrade to a later version.

And then the next time I opened the real standard Firefox browser, it opened the upgrade link saying it had upgraded from 17.0.8ESR to 23.1. But neither torbrowser or firefox had really been upgraded, they had/have the exact same versions before and after this happened.

I didn't visit any type of websites where you can expect exploits/vulnerabilities. I use good antivirus and antispyware, so I don't think there's anything on my computer making torbrowser misbehave.

Whoever is taking care of the torbrowser should take a look at this, as something seems to be compiled/configured badly so that firefox and torbrowser aren't completely separated from each other. Firefox is not my standard browser, so the reason the upgrade link showed up in firefox doesn't have anything to do with that. I also started firefox manually after torbrowser/TBB.

#9575 Rename "New Identity" reopened mikeperry defect normal
Description

TorBrowser can't to change or clear your identity. Torbutton can to clear history, to close tabs, to send newnym signal to Tor's controller by one click.

Tor by newnym signal can't to change or clear your identity. Tor can discard old circuits and begin to build new one. Circuit can't to be used as identity. IP address of exit node can't to be used as identity too (here you can discuss about ownership, leases, assigns, and nats at final).

#9579 Wiggle.co.uk - "add to basket" breaks with HTTPS everywhere new pde defect normal
Description

I initially thought KeepassFox was the cause of this problem, but after getting some help in debugging it, it turns out that HTTPS everywhere is the cause of my problems: https://discussions.zoho.com/keefox/topic/wiggle-co-uk-unable-to-add-products-to-basket#71684000000270021

Is it the ruleset that is the cause of the problem?

My HTTPS Everywhere version is 3.3.1 - I am using Firefox 23.0.1

#9582 HTTPS-Everywhere 4.0dev10 slows down or prevents https page loads new pde defect normal
Description

Since HTTPS-E 4.0dev10 page load times of https-websites have increased significantly. Sometimes https-websites fail to load completely.

STR:

  1. Install HTTPS-E 4.0dev10 (or upgrade from 4.0dev9).
  2. Restart Firefox.
  3. Try to load several https-sites (with a corresponding HTTPS-E rule enabled) in parallel, in different tabs (like dropbox.com; eff.org; google.com; microsoft.com; mozilla.org; tweakers.net; twitter.com; zotero.org -- typed with or without https-prefix).
  4. If everything seems to work okay, restart Firefox and repeat step 3 once or twice.

Actual Results: page loads take often more than 1 minute, they sometimes even result in a Firefox connecting error ("The connection was reset").

Expected Result: page loads should be successful and should not take more than a couple of seconds.

Downgrading to HTTPS-E 4.0dev9 or 3.4.1 resolves the problem for me. Disabling all other add-ons doesn't resolve the problem with 4.0dev10.

Tested against: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:25.0) Gecko/20100101 Firefox/25.0

#9584 Breaks Amazon Instant Video new pde defect normal
Description

While HTTPS Everywhere is enabled in Chrome, Amazon Instant Video fails to get past the "Connecting..." stage.

#9586 Trac lacks component for TorBrowserBundle TBB new erinn defect normal
Description

Trac lacks component for TorBowserBundle. There are various outdated components but for TBB (one of the most important pieces of tor) there is none.

#9592 Ruleset for Victorinox new pde defect normal
Description

Start of a victorinox.com with some subdomains.

The attached ruleset is not using a wildcard for subdomains as some domains do not appear to support HTTPS, ie. http://jp.microsites.victorinox.com/people/ . But it appears to function fine with the main site.

#9594 fco.gov.uk ruleset broken new pde defect normal
Description

http://fco.gov.uk sends users to https://www.fco.gov.uk/ - which returns an Access Denied message.

http://www.fco.gov.uk/ itself correctly sends users to the correct gov.uk address.

#9603 Rules for Danbooru, FurAffinity, and InkBunny new pde defect normal
Description

Danbooru, FurAffinity, and InkBunny are all sites which may be embarassing if a third party (WiFi MitM-er, etc.) manages to log which specific pages you're visiting.

(FurAffinity and InkBunny are sort of like deviantArt but for adult furry content while Danbooru is a collaborative, moderated image gallery dedicated to Japanese-themed content... mostly adult.)

All three offer HTTPS access and I have been unable to trigger any mixed content warnings. (In fact, InkBunny provides their own HTTPS-E ruleset and instructions to install it.)

I don't know what the auditing process is, but I've written rulesets for the first two and I'd like to propose all three for inclusion. (I haven't pounded on my own for days, but every page and page transition I thought to try worked without problems and they're simple enough that they could probably have been generated by the make-trivial-rule script had I know about it at the time.)

The InkBunny ruleset is available at https://inkbunny.net/contrib/inkbunny_https.xml

I'm attaching my own two.

#9607 torbutton popup menu doesn't appear new tbb-team defect normal
Description

If you move the Torbutton icon into the Add-on bar and hide the Navigation toolbar, the context menu never appears when clicking on the icon.

Curiously, the menu will work correctly in the Add-on bar if the Navigation toolbar is not hidden.

#9610 YouTube rule breaks video play needs_information pde defect normal
Description

It appears the default YouTube rule now breaks video playback. It was working fine on Sunday, now most of the YouTube videos I try to watch won't load. Upon disabling the rule, videos play fine.

E.g. I'm unable to play this video with the YouTube rule enabled: https://www.youtube.com/watch?v=QDUxLyaCN2w Video doesn't load, black screen.

Disable "YouTube (partial) rule, goto http://www.youtube.com/watch?v=QDUxLyaCN2w and video plays fine.

#9612 Wrong IP used from /etc/hosts new defect minor Tor: unspecified
Description

Be silly, miss-configure your /etc/hosts file, thus for a host named 'wrongtest' (thus "hostname -a" == wrongtest.wrongdomain" matches that), have in /etc/hosts/

192.0.2.66 wrongtest.wrongdomain

Then have on the REAL interface (eth0) the real IP address 192.0.2.1.

Put in torrc (next to other semi-standard things):

DirPort 192.0.2.1:993
ORPort 192.0.2.1:443

Start tor using that, it will listen on the 192.0.2.1 IP (logs state that and netstat confirms), and then you will see:

[notice] Now checking whether ORPort192.0.2.66:443 and DirPort 192.0.2.66:993 are reachable... (this may take up to 20 minutes -- look for log messages indicating success)
[warn] Your server (192.0.2.66 :443) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.

Yes, for some mysterious reason 192.0.2.66 is used (which is only to be found in /etc/hosts), even though you specified the other address...

Now, stop tor. Fix /etc/hosts to the right IP (192.0.2.1) and restart Tor and everything works as it should.

Something is causing /etc/hosts to be used which should not even be involved at all, might want to figure out why.

(Of course I should not be silly and have old IPs in the configs left, but hey, can't blame me for that :)

Version not selected in Trac as this pertains to the current (today/last hour) git version and there is no 'tor git' option in the list, but there are a 50 other which are very old, and nicely unsorted btw, might want to clean that up.

#9618 Tor vilalia just stopped working new chiiph defect critical TorBrowserBundle 2.3.x-stable
Description

Aug 29 03:26:36.538 [Notice] Tor v0.2.3.25 (git-17c24b3118224d65) running on Windows 7. Aug 29 03:26:36.538 [Notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Aug 29 03:26:36.538 [Notice] Read configuration file "C:\Users\Shivam\Downloads\T\Tor Browser\Data\Tor\torrc". Aug 29 03:26:36.538 [Notice] Initialized libevent version 2.0.21-stable using method win32. Good. Aug 29 03:26:36.538 [Notice] Opening Socks listener on 127.0.0.1:9150 Aug 29 03:26:36.538 [Notice] Opening Control listener on 127.0.0.1:9151 Aug 29 03:26:36.538 [Notice] Parsing GEOIP file .\Data\Tor\geoip. Aug 29 03:26:36.754 [Notice] No AES engine found; using AES_* functions. Aug 29 03:26:36.754 [Notice] This OpenSSL has a good implementation of counter mode; using it. Aug 29 03:26:39.864 [Notice] Bootstrapped 5%: Connecting to directory server. Aug 29 03:26:39.865 [Notice] Heartbeat: Tor's uptime is 0:00 hours, with 1 circuits open. I've sent 0 kB and received 0 kB. Aug 29 03:26:39.866 [Notice] Bootstrapped 10%: Finishing handshake with directory server.

#9621 HTTPS everywere stalls on Grainger.com new pde defect normal
Description

While trying to checkout of the shopping cart on Grainger.com, the extension hangs up / indefinatly is waiting for a response. The shopping cart is already a https site.

#9622 Google Mail and other sites significantly slower recently needs_information pde defect normal HTTPS-E 4 stable
Description

I don't know if this coincided with https-everywhere being updated to 4.0development.10 - in fact I don't remember for sure whether I was on the stable or development branch prior to this - but Google Mail in particular has become a lot slower in the last few days.

In more detail: Extensions: Adblock Plus, Cookie Monster, https-everywhere, NoScript, RequestPolicy, SQLite Manager, Ubuntu Firefox Modifications, View Dependencies, Web Developer (all enabled)

Steps to reproduce:

Check that all of the above extensions are present and enabled.

Navigate to https://mail.google.com. There is quite a long delay before the page has fully loaded.

Temporarily allow google.com to execute scripts and temporarily allow google.com cookies. This leads to a further delay - which I should have timed - but I do know that after temporarily allowing requests from google.com to gstatic.com in RequestPolicy, there is another delay, just as long as the first, before the page is rendered. Most of this is spent "connecting".

There may be further delays in Gmail, but after a while they all seem to be sorted. Possibly these delays are related to the first time each certificate is encountered.

However, if I first disable https-everywhere, there are no such delays.

Navigate to other sites, such as nationalrail.co.uk. These are also noticeably slower in the last few days - unless https-everywhere is disabled. I've had https-everywhere installed for a couple of years now, and I think that things were still fine for a while after the last update on August 16.

Finally, close the browser. I have it set to clear history when Firefox exits, and to clear everything except site preferences, however far back. If https-everywhere is enabled, System Monitor shows the activity resulting from this to take much longer than usual, as if more information is being deleted than would otherwise have been the case.

Does anyone have any idea where the problem might lie, and if there's likely to be a less radical workaround than disabling https-everywhere altogether?

#9623 Referers being sent from hidden service websites new tbb-team defect major
Description

Currently, when browsing on a hidden service website, when you click on a clearnet/hidden service link it sends the current address as referer.

I think Tor Browser should behave for websites on .onion addresses the same as https:// websites on clearnet in certain cases.

Normally, when you click on a http link from a https website, it doesn't send any referer.

Tor Browser should at least use this same behavior of https for http hidden services (both are encrypted right?). No referers should be sent to clearnet or to other hidden services, this is unacceptable. I believe it shouldn't send referers for https links as well, so send nothing at all.

Other than a partial solution, I still believe using the smart referer is a better solution overall.

#9636 Tor not fully passing input to CGI script needs_information defect normal Tor: unspecified
Description

As a hobby project, I thought I would create a public mailserver as a hidden service. When I got to the part about creating a self-registration page, which I did as a CGI with compiled C, I ran into a bizarre problem.

When accessing the registration service from the Tor Browser, either as a hidden service or directly through the IP address, the registration process fails because some of the information is not passed correctly to the CGI script. The script completes successfully if you turn off the tor service in the browser or use another browser.

The registration page is: http://54.229.143.194/cgi-bin/vqregister/vqregister.cgi

This is an Amazon instance, which I will leave on until this case is resolved. If you wish, I can send you an AMI.

For instance, trying to register an account with name, username, and password of foox results in Apache thinking that it only received 48 characters: fname=foox&user=foox&dom=7wwgnynofwo7wodd.onion& instead of the full 86 characters fname=foox&user=foox&dom=7wwgnynofwo7wodd.onion&pass=foox&vpass=foox&Register=Register

Oddly, the Apache script log correctly shows

%% [Sat Aug 31 09:46:49 2013] POST /cgi-bin/vqregister/vqregister.cgi HTTP/1.1 %% 500 /var/www/localhost/cgi-bin/vqregister/vqregister.cgi %request Host: 54.229.143.194 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://54.229.143.194/cgi-bin/vqregister/vqregister.cgi Content-Type: application/x-www-form-urlencoded Content-Length: 86

fname=foox&user=foox&dom=7wwgnynofwo7wodd.onion&pass=foox&vpass=foox&Register=Register %response

I would conclude that it is an Apache misconfiguration, since the script log looks fine, except that this problem only occurs when using Tor. It fails 100% of the time with Tor, and succeeds 100% of the time without Tor.

#9642 Tumblr images don't load default ruleset new pde defect normal HTTPS-E 3.2.1
Description

images on tumblr.com don't load when the https tumblr default rule set is enabled.

#9659 high cpu usage from tbb-firefox.exe on web requests new tbb-team defect major
Description

Some change to tbb-firefox.exe after TBB for windows 2.3.25-6 has introduced a bad loop which throttles the CPU on every request sent through the proxy. This will go unnoticed if you are not using all of your CPU at the time. Running something like prime95 (www.mersenne.org) in the background will make the problem evident, as TBB versions after 2.3.25-6 start to hang the system as you click open links or have other traffic through the proxy while waiting for their connections to be made and complete. Something changed in how requests were handled in later versions which introduced the problem.

In the old versions, when you sent a request for a web page (lets say www.google.com), you could have the tor network map open with the view the network button and watch how it works. The browser status bar will say connecting to www.google.com and it will say that until a circuit is open in the network map (www.google.com appears in the list), at which point the browser status bar will change to say connected to www.google.com. It then sends the request, and the status bar changes to waiting for www.google.com, then the page loads. I can watch this happen in task manager and it uses hardly any CPU.

In the new versions, this behavior is different. When you request a web page, the browser immediately says waiting for www.google.com, even though there is no circuit open in tor, and this is where the bad loop is, as watching tbb-firefox.exe in task manager the CPU usage becomes abnormally high. This will cause the system to hang, becoming temporarily unresponsive until the loops finish, if the rest of the system is under heavy cpu load.

#9662 Make ntor handshake faster new defect normal Tor: 0.2.???
Description

This is a parent ticket to cover performance improvements to ntor. It does not cover replacing ntor with a faster handshake.

#9666 Autogen error for autoreconf could be more helpful needs_information defect trivial Tor: unspecified
Description

Hi, minor nitpick but when I pulled and re-ran tor's autogen it failed due to a new dependency...

atagar@odin:~/Desktop/tor/tor$ ./autogen.sh 
Can't exec "libtoolize": No such file or directory at /usr/bin/autoreconf line 196.
Use of uninitialized value in pattern match (m//) at /usr/bin/autoreconf line 196.

This is all well and good, but we usually provide a more helpful error message (preferably including the debian package the person needs). The following did the trick for me...

sudo apt-get install dh-autoreconf

Cheers! -Damian

#9667 Consider batch-exponentiation tricks to improve ntor performance new defect normal Tor: 0.2.???
Description

In the ntor paper, the authors say:

In our protocol the server needs to compute Xb and Xy. Since the base is the same, squarings in the squareand-multiply algorithm can be parallelized [MN96] reducing the computational cost to 1.33 exponentiations. Further improvements such the \Exponent Combination Method" [MN96, x2.3] can be applied to the computation of the server. However such algorithms further increase the complexity of the computations and the improvements are not always clear cut.

This is why they list "1.33" online exponentiations, while our naive implementation has 2.

We should examine whether we can actually use some/all of these techniques. (I believe there has been some discussion on the point on tor-dev already; anybody want to dig up a link?)

#9674 /Applications/TorBrowser-2.3.25-12-osx-i386-en-US.zip usability woes new tbb-team defect normal TorBrowserBundle 2.3.x-stable
Description

Recently I downloaded TorBrowser-2.3.25-12-osx-i386-en-US.zip into my file://2.macbook.roman.czyborra.com/Applications/ imprisoned in a uname -a Darwin whitey.local 10.8.0 Darwin Kernel Version 10.8.0: Tue Jun 7 16:33:36 PDT 2011; root:xnu-1504.15.3~1/RELEASE_I386 i386 and unpacked it there with open [ -a /System/Library/CoreServices/Archive?Utility.app ] and renamed it into the easier to memoize "TorBrowser.app" and deleted all the previous buggy versions and now I observe the following problems:

  1. All of my bookmarks were gone and I had to fear that I was being spoofed into a trapping onion URL because of unbeknown response behavior.
  1. Show all history also shows nothing as if I was not emancipated enough to decide for myself which history.log on unencrypted partitions I prefer to be redirected to file:/dev/null
  1. I received no warning which of my privately created data would be destroyed by TorBrowser if I did not manually back them up on paper punch tape notes.
  1. I simply attached the TorBrowser.app to the file:/System/Library/CoreServices/Dock.app/ and that seems to yield no way to recover data lost thru accidental [cmd]+[Q] or [cmd]+[W] while aiming for Emacs text editing with [ctrl]+[W] short of killing Vidalia to bring back a TorBrowser and starting everything anew.

User-unfriendliness not likely to grow our network either thinks me.

Which line on what wiki would I have alter to improve on this situation?

#9675 Provide feedback mechanism for clock-skew and other bad problems assigned brade defect normal
Description

TBB 3.0 currently has a button to copy Tor logs to the clipboard. It's good enough to enable support by knowledgeable people, but it is also good to enable at least a minimal level of self-support.

One misconfiguration that can prevent Tor from working is clock-skew. Vidalia made a bright red message out of it. Having some feedback mechanism in TBB 3.0 for similar critical issues would be good.

#9679 Man page warnings after 2.4.x nightly update to Tor new atagar defect minor
Description

After upgrading to the 2.4.x nightly of Tor, there's two new warnings in the TOR/ARM NOTICE section.

 12:46:33 [ARM_NOTICE] Unrecognized category in the man page: GENERAL OPTIONS
 12:46:33 [ARM_NOTICE] Unrecognized category in the man page: COMMAND-LINE OPTIONS
#9684 The experimental builds for the Pi (arm) don't seem up to date needs_information erinn defect normal
Description

The experimental builds for the Pi (arm) don't seem up to date. Development branch contains 2.4.11-alpha and I can imagine few people run relays on their Pi so if someone could take a look, it'd be appreciated.

#9690 TBB Breaks After Failed Reachability Test new chiiph defect minor
Description

When I run the latest TBB build from the Tor Project site as a client everything works perfectly. When I go into my settings and try and run a relay as a non-exit, it fails the reachability test. This is expected because I live in a country where every ISP engages in heavy port blocking. Once I try to "attempt to automatically configure port forwarding" and/or "configure control port automatically", whenever I start the Tor Browser Bundle it alerts me that "The proxy server is refusing connections" and I can't load any web pages. Even if I restore the TBB to its default settings and use it in client mode, and restart it numerous times, it doesn't work. I don't know why, but I have to delete everything (including the preferences file) and run a fresh copy.

TBB Version 2.3.25-12 - OS X (64-Bit)

#9692 Slow DNS requests with HTTPS Everywhere in Iceweasel 17.0.8/23.0 on Debian 7.1 new pde defect normal
Description

With HTTPS Everywhere enabled, DNS lookups of HTTPS websites become slower than normal and the site may not load altogether, most notably youtube.com. Disabling/enabling the SSL Observatory does not change this behavior. HTTP-only sites appear to be unaffected.

The issue is present in the development version of the addon on Iceweasel 17.0.8~deb7u1 and 23.0 on a Debian 7 system. HTTPS Everywhere stable running on Windows 7 is unaffected.

#9693 There should be a way to prevent HTTPS Everywhere to connect to check.t.o on startup new zyan defect normal
Description

Tails users complain that our web browser calls check.t.o on startup, even if we configure Torbutton so that it doesn't initiate any such connection. This can be reproduced with TBB.

#9694 tor hangs if network interrupted while "Bootstrapped 85%: Finishing handshake with first hop." needs_information defect normal Tor: 0.2.???
Description

Version: 0.2.4.17-rc-1~d70.wheezy+1

Tor gets stuck in a state where it is logging nothing and the init script cannot kill it. Had to kill -9.

arm also hangs when trying to connect it in this state.

The cause is the network (wifi in my case) becoming disconnected while "finishing handshake with first hop".

My first attempt at reproducing this failed, but the second one succeeded.

Sep 07 18:55:49.000 [notice] Tor 0.2.4.17-rc (git-36eb3e0da4c3a821) opening log file.
Sep 07 18:55:49.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Sep 07 18:55:52.000 [notice] We now have enough directory information to build circuits.
Sep 07 18:55:52.000 [notice] Bootstrapped 80%: Connecting to the Tor network.
Sep 07 18:55:53.000 [notice] Bootstrapped 85%: Finishing handshake with first hop.
Sep 07 18:55:53.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:53.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:53.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:53.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:54.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:54.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:55.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:55.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:56.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:56.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:57.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:57.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:58.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:58.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:58.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:58.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:58.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:58.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:59.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:55:59.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:55:59.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (DONE; DONE; count 10; recommendation warn)
Sep 07 18:55:59.000 [warn] 10 connections have failed:
Sep 07 18:55:59.000 [warn]  10 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE
Sep 07 18:56:00.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:56:00.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:56:00.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (DONE; DONE; count 11; recommendation warn)
Sep 07 18:56:00.000 [warn] 11 connections have failed:
Sep 07 18:56:00.000 [warn]  11 connections died in state handshaking (TLS) with SSL state unknown state in HANDSHAKE
Sep 07 18:56:00.000 [warn] Socks version 22 not recognized. (Tor is not an http proxy.)
Sep 07 18:56:00.000 [warn] Fetching socks handshake failed. Closing.
Sep 07 18:56:00.000 [warn] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (DONE; DONE; count 12; recommendation warn)
Sep 07 18:56:00.000 [warn] 12 connections have failed:

(I have no idea what is causing the "SOCKS Version 22" lines, I don't usually get those.)

#9696 New Identity doesn't clear download UI history new tbb-team defect major
Description

We should clear it. There's a 'Clear' button in the UI that probably makes an XPCOM call that does it.

The actual download manager storage is memory-only, so this isn't a disk leak issue, but it is a usability one.

#9697 Tor closes seconds after startup new tbb-team defect major
Description

Whenever I startup Tor, the Vidalia control panel looks like it loads normally, and opens up the Tor browser, I get taken to the default webpage. As soon as that happens, the window (browser) is un-clickable and I get the Windows app not responding pop-up. When I open up Tor in safe-mode though, it works normally.

Additional info: -I noticed this happens in the same fashion with Mozilla as well

  • This has been happening over multiple versions of Tor.

Following debug log txt file

#9699 tor curve25519 fail new defect normal Tor: unspecified
Description

Tor fails to compile on CentOS 5.9 unless I use --disable-curve25519 and I don't want to miss out on curve25519.

This is compile fail with git from a few minutes ago:

if gcc -DHAVE_CONFIG_H -I. -I. -I. -DTOR_UNIT_TESTS -I./src/ext -Isrc/ext -I./src/common -Isrc/common -I./src/or -Isrc/or -DSHARE_DATADIR="\"/usr/share\"" -DLOCALSTATEDIR="\"/usr/var\"" -DBINDIR="\"/usr/bin\"" -I./src/common -g -O2 -D_FORTIFY_SOURCE=2 -fstack-protector-all -Wstack-protector -fwrapv --param ssp-buffer-size=1 -fPIE -Wall -fno-strict-aliasing -MT src/common/src_common_libor_event_testing_a-compat_libevent.o -MD -MP -MF "src/common/.deps/src_common_libor_event_testing_a-compat_libevent.Tpo" -c -o src/common/src_common_libor_event_testing_a-compat_libevent.o test -f 'src/common/compat_libevent.c' || echo './'src/common/compat_libevent.c; \

then mv -f "src/common/.deps/src_common_libor_event_testing_a-compat_libevent.Tpo" "src/common/.deps/src_common_libor_event_testing_a-compat_libevent.Po"; else rm -f "src/common/.deps/src_common_libor_event_testing_a-compat_libevent.Tpo"; exit 1; fi

rm -f src/common/libor-event-testing.a ar cru src/common/libor-event-testing.a src/common/src_common_libor_event_testing_a-compat_libevent.o ranlib src/common/libor-event-testing.a if gcc -DHAVE_CONFIG_H -I. -I. -I. -I./src/ext -Isrc/ext -I./src/common -Isrc/common -I./src/or -Isrc/or -DSHARE_DATADIR="\"/usr/share\"" -DLOCALSTATEDIR="\"/usr/var\"" -DBINDIR="\"/usr/bin\"" -I./src/common -g -O2 -D_FORTIFY_SOURCE=2 -fstack-protector-all -Wstack-protector -fwrapv --param ssp-buffer-size=1 -fPIE -Wall -fno-strict-aliasing -MT src/ext/curve25519_donna/src_common_libcurve25519_donna_a-curve25519-donna-c64.o -MD -MP -MF "src/ext/curve25519_donna/.deps/src_common_libcurve25519_donna_a-curve25519-donna-c64.Tpo" -c -o src/ext/curve25519_donna/src_common_libcurve25519_donna_a-curve25519-donna-c64.o test -f 'src/ext/curve25519_donna/curve25519-donna-c64.c' || echo './'src/ext/curve25519_donna/curve25519-donna-c64.c; \

then mv -f "src/ext/curve25519_donna/.deps/src_common_libcurve25519_donna_a-curve25519-donna-c64.Tpo" "src/ext/curve25519_donna/.deps/src_common_libcurve25519_donna_a-curve25519-donna-c64.Po"; else rm -f "src/ext/curve25519_donna/.deps/src_common_libcurve25519_donna_a-curve25519-donna-c64.Tpo"; exit 1; fi

src/ext/curve25519_donna/curve25519-donna-c64.c: In function ‘curve25519_donna’: src/ext/curve25519_donna/curve25519-donna-c64.c:451: error: unrecognizable insn: (insn 10003 10002 10004 20 src/ext/curve25519_donna/curve25519-donna-c64.c:261 (parallel [

(set (reg:CC 17 flags)

(unspec:CC [

(reg:DI 2 cx [orig:375 t$0.894 ] [375]) (const_int 2251799813685229 [0x7ffffffffffed])

] 24))

(set (reg:DI 2 cx [orig:375 t$0.894 ] [375])

(plus:DI (reg:DI 2 cx [orig:375 t$0.894 ] [375])

(const_int 2251799813685229 [0x7ffffffffffed])))

]) -1 (nil)

(nil))

src/ext/curve25519_donna/curve25519-donna-c64.c:451: internal compiler error: in extract_insn, at recog.c:2084 Please submit a full bug report, with preprocessed source if appropriate. See <URL:http://bugzilla.redhat.com/bugzilla> for instructions. Preprocessed source stored into /tmp/ccZzU4qG.out file, please attach this to your bugreport. make[1]: * [src/ext/curve25519_donna/src_common_libcurve25519_donna_a-curve25519-donna-c64.o] Error 1 make[1]: Leaving directory `/root/Tor/tor' make: * [all] Error 2

#9706 Missing "To" header triggers Spamassassin new erinn defect normal
Description

With the new Trac, mails sent do not have a "To" header. This triggers the MISSING_HEADERS and REPLYTO_WITHOUT_TO_CC Spamassassin rules and got the messages classified as spam. Previously mails had the header "To: undisclosed-recipients:;".

#9720 Orbot Android Force Close loop on weird bridge lines new n8fr8 defect normal
Description

Basically it seems that one or both of the following are true:

Orbot Force Closes every time you try to interact with the Orbot app if:

  1. You have something weird in your bridge line like a missing comma, or commas, or a FQDN instead of an IP, or or or or or or or. Please robustify.
  1. You have a bridge string that is too long for Orbot's tastes, I think it may also set off a similar Force Close loop, but I haven't rigorously tested this.
#9723 Tor Browser Microsoft Windows (2.4.17-beta-1): Firefox is running already new tbb-team defect normal
Description

Tor Browser Microsoft Windows Vista (2.4.17-beta-1) start-up fails with the following error message: Firefox is running already.

#9725 'About' section has outdated information new n8fr8 defect normal
Description

According to a user, the 'About' section in Orbot still says it uses Tor 0.2.3.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
Note: See TracQuery for help on using queries.