{5} Accepted, Active Tickets by Owner (Full Description) (97 matches)

List tickets accepted, group by ticket owner. This report demonstrates the use of full-row display.

Cthulhu (2 matches)

Ticket Summary Component Milestone Type Created
#13421 GoodBadISP's Revamp Wiki project Oct 15, 2014

Following a discussion on the mailing list [1] the GoodBadISP page could do with some updating and proper arranging.

Some of the categories I have in mind to make available in the table format are as follows: Country, Company Name, ASN, Bridges Allowed, Relays Allowed, Exits Allowed, Last Updated, Correspondence.

Would "Bridges Allowed" be a redundant measure since they won't be in the public sphere?

Moritz @ Torservers already has done a fair deal of work, some is outdated or could use an update though but it's a good place to start our focus and give inspiration where needed. [2] [3] [4]

[1] https://lists.torproject.org/pipermail/tor-relays/2014-October/005493.html

[2] https://www.torservers.net/wiki/hoster/experience

[3] https://www.torservers.net/wiki/hoster/inquiry

[4] https://www.torservers.net/wiki/hoster/index

Note: Those wishing to assist on this project please feel free to CC yourself in and keep an eye on the child tickets. I can be found under the pseudonym "TheCthulhu" on IRC or contacted at thecthulhu <at> riseup <dot> net if you wish to ask me directly what to work on next. If this is the first time you've assisted using Trac or the Tor Wiki, don't hesitate to ask for help.

#13473 Sort Existing GoodBadISP page into tables Wiki task Oct 19, 2014

The existing GoodBadISP tables need sorting into the new format. All opinions, feedback and communications to that ISP must go in the correct section on ISPCorrespondence page to keep the primary page clean and to the point since it will grow substantially over time.

The new format should be available soon after this ticket is posted as it will be done for the US hosts (good experiences).

JacobHenner (1 match)

Ticket Summary Component Milestone Type Created
#8177 Vidalia Help Documentation Out of Date Vidalia defect Feb 6, 2013

In the most recent release of the Tor Browser Bundle, the help documentation bundled with Vidalia (accessed by selecting Help) is out of date. A search of GeoIP will confirm this, as the documentation still lists the GeoIP lookup server at geoip.vidalia-project.net, which has not been maintained since 2010.

Larrykl77590 (1 match)

Ticket Summary Component Milestone Type Created
#4915 Tor Weather: Subscribe: give a better explaination for how to find your fingerprint Tor Weather enhancement Jan 16, 2012

https://weather.torproject.org/subscribe/ states: "Node Fingerprint: (search for a router)" and the link goes to https://metrics.torproject.org/relay-search.html

The new Tor operator won't find his fingerprint from the search (at least not instantly).

Either you should explain on the subscribe page, that you have to click on the descriptor link to find out your finger print, or, even better, display the fingerprint in the metrics search result.

MB (1 match)

Ticket Summary Component Milestone Type Created
#9328 o2online.de Live Check not working with enabled SSL strictness EFF-HTTPS Everywhere defect Jul 25, 2013

With enabled HTTPS Everywhere, http://www.o2online.de/microsite/o2-netz/live-check/ does not load additional JavaScript from a non-SSL CDN

Sherief (1 match)

Ticket Summary Component Milestone Type Created
#12236 Don't display the full URL in token table Tor Support enhancement Jun 9, 2014

I'm interesting in the token full URL only when I create a new token so I give it to the user. The rest of the time, I don't really care to see the full thing, only the hash, maybe. That could reduce the table width.

So this change needs also a change to the token creation action to display a big fat URL that I can easily get into the clipboard.

StalkR (1 match)

Ticket Summary Component Milestone Type Created
#2862 T-Shirt uptime is absolute, not considering tiny interruptions Tor Weather defect Apr 6, 2011

I've been running my non-exit Tor relay for many months now and for the last 3-4 months unthrottled. It averaged well above 500 Kilobyte/s. Since I signed up for Tor Weather earlier, I assumed I would receive the "get your shirt!" mail some day. But now it has been so long and I still did not get it.

My router has not been running without interruptions. I sometimes updated Tor, sometimes other things required me to stop it for short periods. I assumed Tor Weather would take that in mind.

I read https://gitweb.torproject.org/weather.git/blob?f=doc/design.txt#l42 and also asked in IRC:

<me> hm, according to the https://gitweb.torproject.org/weather.git/blob?f=doc/design.txt i need to run it uninterrupted for the timespan <Sebastian> that sounds not what the intention of our tshirt giveaway is <Sebastian> because a node can become unavailable through no fault of the operator for a short period of time <Sebastian> please definitely file that bug now

So here it is! And I will send a mail to the donations address about the shirt. :-)

asn (1 match)

Ticket Summary Component Milestone Type Created
#4626 Very high cpu usage for gabelmoo running with renegotiation-limiting code Tor Tor: unspecified defect Dec 1, 2011

Hey there,

gabelmoo is seeing almost full cpu utilization lately. I'm running openssl1 and libevent master. Traffic is at around 200KB/s, so not very much. Here's a profile for everything over 0.5%:

samples  %        image name               app name                 symbol name
397332   26.8226  libc.so.6                libc.so.6                /home/karsten/debug/libc.so.6
210739   14.2263  libpthread.so.0          libpthread.so.0          __pthread_mutex_unlock_usercnt
157849   10.6559  libpthread.so.0          libpthread.so.0          pthread_mutex_lock
62969     4.2508  tor                      tor                      connection_handle_write
56998     3.8477  tor                      tor                      _openssl_locking_cb
44452     3.0008  tor                      tor                      assert_connection_ok
38146     2.5751  tor                      tor                      connection_bucket_write_limit
37917     2.5597  [vdso] (tgid:17627 range:0x7fffb85ff000-0x7fffb8600000) tor                      [vdso] (tgid:17627 range:0x7fffb85ff000-0x7fffb8600000)
32683     2.2063  tor                      tor                      flush_buf_tls
29224     1.9728  tor                      tor                      connection_is_rate_limited
28245     1.9067  tor                      tor                      connection_bucket_round_robin
25259     1.7052  tor                      tor                      tor_tls_get_error
22309     1.5060  tor                      tor                      tor_tls_write
21562     1.4556  tor                      tor                      assert_buf_ok
20642     1.3935  tor                      tor                      get_options_mutable
19521     1.3178  tor                      tor                      approx_time
19272     1.3010  tor                      tor                      _check_no_tls_errors
19108     1.2899  tor                      tor                      conn_write_callback
18312     1.2362  tor                      tor                      tor_addr_is_internal
14932     1.0080  tor                      tor                      tor_tls_get_forced_write_size
14237     0.9611  tor                      tor                      tor_gettimeofday_cache_clear
12501     0.8439  librt.so.1               librt.so.1               /home/karsten/debug/librt.so.1
11918     0.8045  tor                      tor                      tor_mutex_acquire
11907     0.8038  tor                      tor                      tor_mutex_release
11376     0.7680  tor                      tor                      connection_bucket_refill
9770      0.6595  tor                      tor                      connection_is_listener
9582      0.6468  tor                      tor                      connection_is_reading
9493      0.6408  tor                      tor                      tor_tls_state_changed_callback
9087      0.6134  tor                      tor                      connection_is_writing
8689      0.5866  tor                      tor                      TO_OR_CONN
7890      0.5326  tor                      tor                      connection_state_is_connecting

atagar (1 match)

Ticket Summary Component Milestone Type Created
#16348 Suppress exception chaining when PEP 3134 is merged Stem defect Jun 10, 2015

with tor- and stem-1.4.1 I run (rarely) into this :

cat ioerror.stderr.old
Exception in thread Event Notifier:
Traceback (most recent call last):
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 1758, in get_network_status
    desc_content = self.get_info(query, get_bytes = True)
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 414, in wrapped
    raise exc
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 409, in wrapped
    return func(self, *args, **kwargs)
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 1113, in get_info
    raise exc
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 1066, in get_info
    stem.response.convert('GETINFO', response)
  File "/usr/lib64/python3.3/site-packages/stem/response/__init__.py", line 135, in convert
  File "/usr/lib64/python3.3/site-packages/stem/response/getinfo.py", line 38, in _parse_message
    raise stem.InvalidArguments('552', 'GETINFO request contained unrecognized keywords: %s\n' % ', '.join(unrecognized_keywords), unrecognized_keywords)
stem.InvalidArguments: GETINFO request contained unrecognized keywords: ns/id/2BCDF9F0BCEFC2A44F7850F92362BA85AA226E1F

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib64/python3.3/threading.py", line 901, in _bootstrap_inner
  File "/usr/lib64/python3.3/threading.py", line 858, in run
    self._target(*self._args, **self._kwargs)
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 882, in _event_loop
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 3480, in _handle_event
  File "./err.py", line 47, in orconn_event
    relay = controller.get_network_status(fingerprint)
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 414, in wrapped
    raise exc
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 409, in wrapped
    return func(self, *args, **kwargs)
  File "/usr/lib64/python3.3/site-packages/stem/control.py", line 1761, in get_network_status
    raise stem.DescriptorUnavailable("Tor was unable to provide the descriptor for '%s'" % relay)
stem.DescriptorUnavailable: Tor was unable to provide the descriptor for '2BCDF9F0BCEFC2A44F7850F92362BA85AA226E1F'

while running this script :

$ cat err.py
#!/usr/bin/python3 -u

#   Toralf Foerster
#   Hamburg
#   Germany

# collect data wrt to https://trac.torproject.org/projects/tor/ticket/13603

import time
import functools

from stem import ORStatus, ORClosureReason
from stem.control import EventType, Controller

def main():
  class Cnt(object):
    def __init__(self, done=0, closed=0, ioerror=0):
      self.done = done
      self.closed = closed
      self.ioerror = ioerror

  c = Cnt()

  with Controller.from_port(port=9051) as controller:

    orconn_listener = functools.partial(orconn_event, controller, c)
    controller.add_event_listener(orconn_listener, EventType.ORCONN)

    while True:

def orconn_event(controller, c, event):
  if event.status == ORStatus.CLOSED:
    c.closed += 1

    if event.reason == ORClosureReason.DONE:
      c.done += 1

    if event.reason == ORClosureReason.IOERROR:
      c.ioerror += 1

      fingerprint = event.endpoint_fingerprint
      print (" %i %i %i %i %s %40s" % (c.closed, c.done, c.ioerror, event.arrived_at, time.ctime(event.arrived_at), fingerprint), end='')
      relay = controller.get_network_status(fingerprint)
      if relay:
        print (" %15s %5i %s %s" % (relay.address, relay.or_port, controller.get_info("ip-to-country/%s" % relay.address, 'unknown'), relay.nickname), end='')
      print ('', flush=True)

if __name__ == '__main__':

boklm (2 matches)

Ticket Summary Component Milestone Type Created
#11508 Test that about:tor page is properly loaded Quality Assurance and Testing enhancement Apr 14, 2014

During the last beta release we realized that some translators translate "about:tor" which breaks it. We should write a test that checks this crucial page is working in built bundles.

#11509 Make sure search engine strings are not translated Quality Assurance and Testing enhancement Apr 14, 2014

Bug #11236 is caused by translated search engine strings. We should make sure those strings are not translated.

danieleweber7624 (1 match)

Ticket Summary Component Milestone Type Created
#8915 Cannot spoof useragent and vendor Tor Browser TorBrowserBundle 2.3.x-stable defect May 20, 2013

Can add any way to chage vendor to firefox via general.useragent.vendor?

Seems this only work in firefox 3 or older

Also firefox 17 not update the pref general.useragent.override without restarting the browser, this is actually same bug for newest vesions of firefox.

dgoulet (3 matches)

Ticket Summary Component Milestone Type Created
#15801 Relay with HSDir flag but no DirPort fail to respond to BEGIN_DIR Tor Tor: 0.2.8.x-final defect Apr 24, 2015

Because of #14202, directory authorities now can assign HSDir flag to a relay without a DirPort. However, relays don't accept BEGIN_DIR cells if options->DirPort_set is set to 0 (see directory_permits_begindir_requests()).

This is very problematic right now because as I'm opening this bug, we currently have 4348 HSDir in the consensus but 1497 of them (34%) of them don't have a DirPort thus not working.

Unless all relay updates with the patch, this situation will continue thus we should maybe bring back the need for a DirPort to get the HSDir flag on the autority sides?

#13207 Is rend_cache_clean_v2_descs_as_dir cutoff crazy high? Tor Tor: 0.2.8.x-final defect Sep 21, 2014
  time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;

That's currently 3 days.


config.c:  V(RendPostPeriod,              INTERVAL, "1 hour"),

So we expect our current one to get overwritten once an hour, yet if the hidden service goes away (stops publishing) we continue to serve its old (presumably no longer working) descriptor for 71 more hours.

One downside to this poor tuning is that we waste the time of clients who try to access the hidden service -- if we instead tell them there is no descriptor, they could go to another hsdir or give up more promptly.

One upside is that if we say we don't have one, clients *will* go visit five other hsdirs before giving up, which could result in a lot of thrashing. Whereas providing an old one will keep the client distracted for a while. But that's not really a good reason.

Another downside is that it's easier to stuff our cache full of things, i.e. use hsdirs for arbitrary storage of blobs for three days.

#2554 Write script to reconstruct hidden service time components from controller events Torperf Tor: 0.2.8.x-final task Feb 14, 2011

When we get #1944 going, we're going to start wondering what the breakdown of "time before connected cell" is.

Does torperf get its statistics of time breakdown just from the socks port, or does it learn things over the control port too, or what? We should figure out what time components we want to track, and then figure out how to export them so torperf can track them for posterity.

We may also find that we want to remember the circuits for the other components of the rendezvous, similar to the extension we're considering for #2551.

erinn (3 matches)

Ticket Summary Component Milestone Type Created
#12820 Test+Recommend Tor Browser with MS EMET (Enhanced Mitigation Experience Toolkit) Tor Browser project Aug 7, 2014

The Enhanced Mitigation Experience Tookit is a Microsoft tool for further hardening selected applications against exploitation. We should test it with Tor Browser to see if it impacts functionality in any way, and if not, we should consider recommending it somewhere prominently for our Windows users.


#1873 Automate RPM package builds RPM packaging Deliverable-December2010 task Aug 26, 2010

Currently we distribute RPMs for vidalia and tor in our repositories. Building these is a lot less pleasant, and much slower, than building debs because of the overhead involved in launching VirtualBox VMs. This process needs to be streamlined first, either by finding a new solution to deal with RPM-based distributions, or VB needs to stop being recalcitrant and let me launch VMs headlessly.

The Tor spec file in my packaging-improvements branch (https://gitweb.torproject.org/erinn/tor.git/shortlog/refs/heads/packaging-improvements) has been generalized enough that it now builds on all of the distributions without any manual fiddling, but the init script still needs to be improved. When I add those, I'll move this to needs_review so it can be merged into Tor master which will streamline the autobuild process as well.

#1877 Create repository and package signing keys Tor bundles/installation Deliverable-December2010 task Aug 26, 2010

If we're going to be offering users nightly/weekly package builds, we want to offer them some modicum of proof that they came from us, and are what they claim to be, to the best of a robot's ability to verify them. The current plan is that all release builds/packages will be signed by hand, but for the nightlies/weeklies/whateverlies we need to create signing keys that can sign things automatically.

feynman (1 match)

Ticket Summary Component Milestone Type Created
#9022 Create an XMPP pluggable transport Pluggable transport task Jun 5, 2013

We should look into XMPP pluggable transports. There are many public XMPP services that see widespread use even from censored countries.

ficus (3 matches)

Ticket Summary Component Milestone Type Created
#3664 Tor web interface for the DreamPlug Torouter task Jul 29, 2011

We need a Tor web interface for the DreamPlug, as discussed at the Tor dev meeting in Waterloo, Canada earlier this week.

#6686 torouter IPv6 support Torouter enhancement Aug 24, 2012

This is a placeholder/discussion ticket for IPv6 support with torouter. IPv6 support is not a blocker or high priority at this time, and there is some concern about trusting "new" IPv6 daemons and code paths (citation needed!).

One way way IPv6 would work is that "downstream" devices connecting to the torouter (over the open wifi network or the local ethernet port) would auto-configure addresses from a site-local prefix (not globaly routed) and the torouter (via tsocks) would effectively provide NAT. With this scheme it would be possible to enable "downstream" IPv6 connectivity without proper "upstream" support (or vica versa).

"Upstream" IPv6 would require at least:

  • tor network and daemon support (roadmap)
  • ntp client support
  • automatic SLAAC/DHCPv6 configuration

Presumably SLAAC would use a randomized address (not based on the ethernet MAC address). Bootstrap upstream DNS could go straight to global DNS servers known to return both AAAA records and reply to requests over IPv6.

"Downstream" IPv6 would require at least:

  • a (hardened?) radvd
  • IPv6 configuration and support of the onboard recursive DNS servers (ttdnsd, unbound, dnsmasq)
  • support in tsocks
  • appropriate firewall rules
  • extension of the web interface to display and configure IPv6 options

In either case, kernel and iptable support would need to be enabled and the web interface extended to display and configure IPv6 options.

#6687 torouter dreamplug update to debian wheezy and 3.2 kernel Torouter enhancement Aug 24, 2012

wheezy (debian testing) probably be released in the next few months, so it seems reasonable to develop torouter for that target to ensure stability over the next few years. Also, several DreamPlug-specific changes were upstreamed into the mainline kernel and are present in wheezy.

AFAIK the required code changes would be updating the freedom-maker folder in torouter.git to a more recent version (either directly from b'dale or from nickdaly's version on github), redo source.list entries (backports not necessary?), and test that all required packages exist and function as expected under wheezy.

One road-blocker is that the more recent kernel seems to require an updated version of the u-boot bootloader on the DreamPlug, and the upgrade process requires the

The WiFi chipset still requires some third-party firmware and kernel module compilation (uap8xxx.ko == libertas_uap) with the 3.2 kernel.


hellais (3 matches)

Ticket Summary Component Milestone Type Created
#14060 Problem with install on Debian Wheezy (XEN-VirtuaMachine) Ooni defect Dec 31, 2014
  1. created xen machine with: xen-create-image --hostname ooni --dhcp --size=10Gb --swap=1Gb --memory=1024Mb --arch=amd64 --role=udev --dir=/home/xen (dhcp on WAN-Side NIC)
  1. Logged in
  1. apt-get install git vim sudo lsb-release && git clone https://github.com/thetorproject/ooni-probe
  1. ./setup-dependencies.sh -p

First Crash:


sudo pip install setuptools --no-use-wheel --upgrade

FAIL COMBINED STDOUT/STDERR OUTPUT OF FAILED COMMAND: Downloading/unpacking setuptools from https://pypi.python.org/packages/source/s/setuptools/setuptools-10.0.1.tar.gz#md5=abaf3b5d654eb525b9ca67c6d4522292

Running setup.py (path:/tmp/pip_build_root/setuptools/setup.py) egg_info for package setuptools

-->removed --no-use-wheel parameter -> works

  1. rerun ./setup-dependencies.sh -p

Second Crash

gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -I/usr/include/python2.7 -c dnet/dnet.c -o build/temp.linux-x86_64-2.7/dnet/dnet.o

In file included from dnet/dnet.c:22:0:

dnet/dnet.h:1:18: fatal error: dnet.h: No such file or directory

compilation terminated.

error: command 'gcc' failed with exit status 1

->apt-get install libdumbnet-dev -> works

  1. mkdir /root/.ooni
  1. cp /root/ooni-probe/data/ooniprobe.conf.sample ~/.ooni/
  1. python setup.py install -> seems to work
  1. the deck generation and testing seems to work too

oonideckgen --country-code=CH -o /root/.ooni/ ooniprobe -i /root/.ooni/deck-ch/0.0.1-ch-user-deck

  1. "not sure" if result really uploaded :) isn't there any message?

Doing the test lookups on www.yola.com Doing the test lookups on www.netaddress.com Doing the test lookups on www.outlook.com Doing the test lookups on www.paypal.com Starting factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x3718248> Starting factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x4a5d3b0> Starting factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x489fd88> Doing the test lookups on www.torproject.org Doing the test lookups on www.transferbigfiles.com Doing the test lookups on www.tumblr.com Doing the test lookups on www.yola.com Starting factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x46eb098> Checking for tampering on

total: False request_line_capitalization: False header_name_capitalization: False header_field_value: False header_field_number: False

Doing the test lookups on www.torproject.org Doing the test lookups on www.transferbigfiles.com Doing the test lookups on www.tumblr.com Doing the test lookups on www.yola.com Stopping factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x3718248> Stopping factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x4a5d3b0> Stopping factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x489fd88> Stopping factory <ooni.templates.tcpt.TCPSenderFactory instance at 0x46eb098> Main loop terminated.

#12823 Design and implement new deck format Ooni enhancement Aug 7, 2014

The current test deck format has some limitations.

These are namely:

1) There is no way of making an input be part of the test deck itself

2) The format is too verbose and contains redundant information (all of the ooniprobe command line options need to be explicitly specified)

For this reason I think we should have a new format that makes it possible to include inputs as part of the test deck. The test deck should therefore be a compressed container (tar and gzip seem to be good candidates as they are well supported in python).

It should then be possible to reference input files that are part of the test deck itself.

#12904 ooniprobe doesn't work on Gentoo Ooni enhancement Aug 20, 2014

Trying to run ooniprobe from git: $ ./setup-dependencies.sh -u It appears that you are using an unsupported OS - please tell us by filing a bug: https://trac.torproject.org/projects/tor/newticket

I suppose it's documented behavior (from https://pypi.python.org/pypi/ooniprobe: "We believe that ooniprobe runs reasonably well on Debian GNU/Linux wheezy as well as versions of Ubuntu"...), but since it says to fill a bug report...

hiviah (1 match)

Ticket Summary Component Milestone Type Created
#13915 Tor no longer requires openssl on el7 RPM packaging defect Dec 8, 2014

The openssl libraries have been removed from the openssl package in el7. They are now in openssl-libs. The el7 rpms published in the Tor repo at https://deb.torproject.org/torproject.org/rpm/el/7/ are still configured to require "openssl >= 0.9.8". This forces openssl to be installed on systems that don't actually need it.

hkannan (1 match)

Ticket Summary Component Milestone Type Created
#17740 Unit Tests for Recent Consensuses Tor Tor: 0.2.8.x-final enhancement Dec 2, 2015

It would be great to have unit tests for the functions that return a recent consensus:


  • networkstatus_get_latest_consensus_by_flavor


  • networkstatus_get_latest_consensus
  • networkstatus_get_reasonably_live_consensus
  • networkstatus_consensus_is_boostrapping

irl (2 matches)

Ticket Summary Component Milestone Type Created
#7414 Test helper for Two Way traceroute Ooni enhancement Nov 8, 2012

When a client requests a two way traceroute test helper a traceroute from the collector to the client should be initiated.

#17964 Package all lepidopter dependencies in Debian Ooni task Dec 30, 2015

In order to allow for all the packages in lepidopter to be updated via the Debian archives, all the dependencies need to be packaged.

isis (1 match)

Ticket Summary Component Milestone Type Created
#12802 BridgeDB needs Nagios checks for the Email Distributor BridgeDB enhancement Aug 6, 2014

BridgeDB needs Nagios checks that the Email Distributor is working. The best way to do this would be to send an email to bridges@… which say "get help".

iwakeh (1 match)

Ticket Summary Component Milestone Type Created
#15753 add performance tests to Onionoo's project structure and add the corresponding Ant task Onionoo enhancement Apr 21, 2015

Make room for performance tests somewhere in src/ and write a separate Ant task to run them. (see parent #13616)

kaner (2 matches)

Ticket Summary Component Milestone Type Created
#2467 torweather refuses to accept the fingerprint of my relay. Tor Weather defect Jan 31, 2011

When i try and register my relay at https://weather.torproject.org/subscribe/ I get the message We could not locate a Tor node with that fingerprint.

4AC95D85CA324AD71E30F1D8C681D1DF6DAEDA8A is in /var/lib/tor/fingerprint the nickname is murble42 (http://torstatus.blutmagie.de/router_detail.php?FP=4ac95d85ca324ad71e30f1d8c681d1df6daeda8a)

This relay was previously a bridge if that is in any way related.

#7035 tor weather new relay script misinterprets emails addresses with dots in the name Tor Weather defect Oct 3, 2012

A relay oper sets up "user dot name AT example dot com" (user.name@…) for contact info in their contact line for their relay. tor weather inteprets this as name@…, missing the "user." part of the address.

karsten (4 matches)

Ticket Summary Component Milestone Type Created
#15798 details document differences: empty list shown differently Onionoo defect Apr 24, 2015

Karsten asked me to open a ticket for this, so I do.

Torprojects instance says: "flags":[] cthulhu's instance says: "flags":[""]

#17430 Top 10 countries graph Metrics defect Oct 27, 2015

on the main user stat page, we have the list of top ten countries connecting directly to Tor. and on the left side of the table, there's a huge white space.

Now I don't know if it's been left blank intentionally or not, but it'd be great to have a graph showing all the top ten countries with different colors on it.

#14862 agregate *BSD in relays by platform (and future bandwidth by platform) Metrics enhancement Feb 11, 2015


the metrics page currently shows the following platforms on the relay by platform graph:

  • Linux
  • Darvin
  • Windows
  • FreeBSD
  • Other


What do you think about chaning this to

  • Linux
  • Darvin
  • Windows
  • *BSD (includes: FreeBSD, OpenBSD, NetBSD, DragonFlyBSD)
  • Other (which would be SunOS + the ones that have an unknown platform)

current numbers for *BSD: FreeBSD: 204 OpenBSD: 60 NetBSD: 8 DragonFlyBSD: 2

(Background for this feature is that I would like to increase platform diversity by adding *BSD boxes and if they are agregated than they might be even noticable in the graphs.)

#6856 new graph: bandwidth by major Tor version and bandwidth by recommended flag Metrics enhancement Sep 15, 2012

It would be nice to have a graph similar to [1] but replacing the number of relays with overall traffic share.

example (numbers completely made up): 0.2.4 is handling 15% of the traffic 0.2.3 is handling 40% of the traffic ...

[1] https://metrics.torproject.org/network.html#versions

lunar (6 matches)

Ticket Summary Component Milestone Type Created
#10755 Provide support through webchat Tor Support task Jan 27, 2014

When doing support, there are some situation where it would be better to switch to a communication medium with lower latency than email. Having a way to do text based chats with our users sounds like a good idea.

This will be implemented by using an XMPP server allowing anonymous connections from a web interface on one side, and have the support team get accounts.

Users will be given access to chat-based support on an invitation basis. Support assistants will be able to create invitation “tokens” and will give out URLs to users when they need to.

This is part of SponsorO's deliverables.

#10890 Redirect “get bridges” messages automatically Tor Support task Feb 11, 2014

Users keep sending messages with “get bridges” to the help desk instead of sending them to BridgeDB. It's painful.

It would be best to automatically detect such emails and bounce them to BridgeDB without human intervention.

“Scrip” will need to be written in RT. Interesting bits of the documentation: http://requesttracker.wikia.com/wiki/WriteCustomAction http://requesttracker.wikia.com/wiki/ReplyBasedUponContent http://requesttracker.wikia.com/wiki/SendEmailAction

#10936 Document support policy about “rejected” tickets Tor Support task Feb 18, 2014

Karen would be happy if we can give stats regarding tickets we can't answer because users are asking to help them with illegal matters. “rejected” sounds like a good status for those. Let's talk and document this.

#10966 Define a process on how new support assistants can be accepted in the team Tor Support task Feb 20, 2014

The switch from having a single person handling all support request to a team was made through recruiting support assistants as a contracting position. It would be good to define a process on how new people can get accepted in the team. It's mostly a question of trust and probably we need to define a vouching process and a set of people that need to ack the decision.

#11177 Extract “time to reply” from the RT database Tor Support task Mar 10, 2014

In order to show nice charts to the sponsor, it would be good if we could extract from the RT database the time between a new message arrives on the help desk and the time to a reply.

Ideally, this should then be broken by ranges: eg. x% under 1 hour, y% 1-2 hours, etc.

#11355 Provide obfsproxy nightlies in our debian repositories Obfsproxy task Mar 28, 2014

People are asking for obfsproxy nightlies (#10954). It would be brilliant if people could add our debian repo, and get the latest obfsproxy master through it.

How can I help you do this?

No hurry on this one. I mainly made this ticket because #10954 was not very specific.


mikeperry (1 match)

Ticket Summary Component Milestone Type Created
#2161 Allow subscription to external rule feeds EFF-HTTPS Everywhere enhancement Nov 6, 2010

The ultimate direction we want to go is towards an adblock plus model, where people can subscribe to rule feeds that are relevant to them, maintained by third parties. This involves both altering our XML schema to include a 'rulefeed' envelope tag, and adding a bit of UI to add and manage subscription urls.

It also depends upon a few enhancements being completed first. These are in the child ticket list below:

n8fr8 (8 matches)

Ticket Summary Component Milestone Type Created
#2424 Android purges firewall rules after network disable/airplane mode. Orbot defect Jan 22, 2011

Setting my phone to disable data access and/or enable airplane mode seems to cause the transproxy iptables rules created by OrBot to get silently flushed. After re-enabling, all apps access everything without tor, until I go into the orbot config screen to cause it to reapply them.

OrBot should listen for these network disable/loss/disconnect events if possible, and reinstate the iptables rules after this happens.

Someone should also test if switching from cell data to+from wifi also triggers this iptables reset. I have not tested that yet.

#2761 Orbot Service not shutting down Orbot defect Mar 15, 2011

Behaviour: When closing tor network with big Button and exiting Orbot after tor is "deactivated", privoxy is still running and the Orbot service is not stopped.


  • Killing Privoxy from shell stops the privoxy process (OK)
  • Killing Orbot process simply restarts the process (BAD)


  • Running Orbot v1.0.4.1
  • Android Froyo 2.2.1 speedmod kernel
  • Samsung Galaxy

#3595 Connections with IPv4-mapped IPv6 addresses bypass transproxy Orbot defect Jul 14, 2011

A user (DEplan on #guardianproject) reported that Gibberbot was using his real IP despite Orbot's transproxy being turned on; further research led to the conclusion that recent releases of Android seem to use IPv4-mapped IPv6 adresses for a large portion of connections. For examples, please see http://pastebin.com/Z4KDDq40. These connections completely bypass transproxy.

I am not yet sure about the circumstances under which Android employs these addresses.

The problems in finding a solution are that Android usually does not include ip6tables (though Orbot could simply package that) and kernels do usually not include IPv6 netfilter modules. The latter is a major issue, since Orbot can't package modules for every single kernel a user might be running.

As a side note, IPv6 does not support NAT (which is what transproxying is based on).

I'll try to figure out what triggers this behaviour of Android and find possible solutions (using sysctl to disable IPv6 does not solve it).

#5393 orbot relay bug - orbot is not setting the relay values into torrc properly causing orbot to not work when set as relay Orbot defect Mar 15, 2012

This is about the bug discussed with 'n8fr8' on #guardianproject at freenode. So, the relay functionality you said was broken and needs to be fixed for 'orbot' on smartphones. I checked with the orbot version '' and you have checked with the 'dev branch of the code' as you said (i suppose that means you have checked with latest version of code by compiling and running the latest updated version from git; i will do it too and let you know again). But none seemed to work. In fact, you said you were getting a more significant crash, when you enabled relaying on smartphone for dev branch of code. You also thought if the problem is: whether the Relay conflict is with transproxying/root or with Tor client connection in general. But, i'm not sure if it later seemed not to be the problem. Then, you told me to change the torrc file on my android phone, as you said that orbot is not setting the relay values properly which might be the reason for orbot not working as a relay on smartphone. So, I will do that and let you know about it. I will also keep checking 'https://guardianproject.info/builds/Orbot/' to see if any new dev/debug release is posted. Thankyou so very much for all your help, Mr.Nathan.

#3775 Permission error on Orbot Orbot defect Aug 21, 2011

There's some kind of problem with permissions in Orbot. I'm not sure if this happens only to me, but when I try to start Tor, it cannot access cache/control_auth_cookie. I can chmod it every time, but it is a bit annoying.

#5469 Orbot: can't specify node restrictions Orbot defect Mar 24, 2012

I'm using Orbot (v0.2.3.10-alpha-1.0.7-FINAL, on Android ICS v4.0.1) and I can't seem to get the exit node I request. In the Exit and Entrance Node fields I have "{us}" entered, yet sometimes I get IP's outside the US. Yesterday I got a UK ip.

Also, at random (usually after 30 minutes or so) I seem to lose connection to the Tor network without Orbot notifying me. I'm using Pandora from Canada.

#6123 Unable to start Tor Orbot defect Jun 11, 2012

Tor is unable to start when I press the start button. The command is not run successfully according to a log.

#5700 Make/modify VoIP applications to work better on Tor Analysis project Apr 30, 2012

Depending on how hard it will be to make Tor handle VoIP applications people already want to use (#5699), we should explore how much mileage we can get out of making our own or modifying existing VoIP applications to work better on Tor. One example here is Roger's "push to talk" not-actually-realtime-but-close VoIP wishlist item that Nathan is working on.

nickm (23 matches)

Ticket Summary Component Milestone Type Created
#17702 Actually enable ed25519 collation. Tor Tor: 0.2.8.x-final defect Nov 26, 2015
+  if (consensus_method < MIN_METHOD_FOR_ED25519_ID_VOTING + 10/*XXX*/)

I think this + 10 is debugging code.

#4588 Tor + bufferevents hang on with cpu at 100% Tor Tor: unspecified defect Nov 27, 2011


After the last Tor update yesterday, Tor hang on with all cpu's at 100%. It look like that this problem appear after a couple hours and make the relay out of consensus too.

Tor version : " (git-58d1aa44023e8b45)" Libevent git version: commit f3b89dec9eac2cf4000c8dc9467abdbf27121674 I running Kubuntu Lucid 10.02.4 LTS bufferevents enabled vidalia 0.31-git OpenSSL 1.0.0e 6 Sep 2011

This problem was never appear before

Best Regards


#17150 Tor "Extrainfo digest did not match digest256 from routerdesc" Tor Tor: 0.2.7.x-final defect Sep 24, 2015

Installing tor the 2nd time in a row gives tons of these warnings :

Sep 24 23:00:53.000 [warn] router info incompatible with extra info (ri id: 000149E6EF7102AACA9690D6E8DD2932124B94AB, ei id 000149E6EF7102AACA9690D6E8DD2932124B94AB, reason: Extrainfo digest did not match digest256 from routerdesc)

#17668 moria1, with updated v3 cert: Bug: Generated a networkstatus consensus we couldn't parse. Tor Tor: 0.2.7.x-final defect Nov 24, 2015

On moria1, my v3 cert was going to expire soon, so I made a new one. At the same time, I decided to upgrade to git master ( (git-d939a83f5bc8ccf3)).

Now, each hour when moria1 tries to vote, it instead says

Nov 24 01:55:01.628 [notice] Time to compute a consensus.
Nov 24 01:55:01.687 [info] networkstatus_compute_consensus(): Generating consensus using method 20.
Nov 24 01:55:01.807 [notice] Computed bandwidth weights for Case 3a (E scarce) with v10: G=20194094 M=3719276 E=1504624 D=7084460 T=32502454
Nov 24 01:55:01.849 [warn] ID on signature on network-status vote does not match any declared directory source.
Nov 24 01:55:01.853 [info] dump_desc(): Unable to parse descriptor of type v3 networkstatus. See file unparseable-desc in data directory for details.
Nov 24 01:55:01.853 [err] networkstatus_compute_consensus(): Bug: Generated a networkstatus consensus we couldn't parse. (on Tor d939a83f5bc8ccf3)
Nov 24 01:55:01.857 [warn] Couldn't generate a ns consensus at all!
Nov 24 01:55:01.858 [info] networkstatus_compute_consensus(): Generating consensus using method 20.
Nov 24 01:55:01.970 [notice] Computed bandwidth weights for Case 3a (E scarce) with v10: G=20194094 M=3719276 E=1504624 D=7084460 T=32502454
Nov 24 01:55:02.020 [warn] ID on signature on network-status vote does not match any declared directory source.
Nov 24 01:55:02.021 [err] networkstatus_compute_consensus(): Bug: Generated a networkstatus consensus we couldn't parse. (on Tor d939a83f5bc8ccf3)
Nov 24 01:55:02.027 [warn] Couldn't generate a microdesc consensus at all!
Nov 24 01:55:02.027 [warn] Couldn't generate any consensus flavors at all.

Now I have one of these v3 consensus documents sitting in my $datadir/unparseable-desc. It looks pretty normal.

I wonder if we broke "moving to a new certificate" somewhere in there?

#18253 (Sandbox) Caught a bad syscall attempt (syscall chown) Tor Tor: 0.2.8.x-final defect Feb 5, 2016


tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
tail -F /var/log/tor/log
Feb 05 23:15:14.000 [notice] Bootstrapped 0%: Starting
Feb 05 23:15:14.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Feb 05 23:15:14.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
Feb 05 23:15:15.000 [warn] sandbox_intern_string(): Bug: No interned sandbox parameter found for /var/run/tor (on Tor )
Feb 05 23:15:15.000 [notice] Opening Control listener on /var/run/tor/control

============================================================ T= 1454710515
(Sandbox) Caught a bad syscall attempt (syscall chown)

This doesn't happen on 0.2.7.x

#1749 Split relay and link crypto across multiple CPU cores Tor Tor: unspecified project Jul 29, 2010

Right now, Tor does nearly all of its work in one main thread. We have a basic "CPUWorker" implementation that we use for doing server-side onionskin crypto in a separate thread, but thanks to improvements long ago, server-side onionskin crypto on longer dominates. If we could split the work of relay AES-CTR crypto and SSL crypto across multiple threads, that would be pretty helpful in letting high-performance servers saturate their connections. (Blutmagie has wanted this for some while.)

Child Tickets:

Parallel Crypto: Design a good crypto parallelization plan and architecture
Make relay crypto run on multiple CPU cores

#15940 Make a standard transition plan for killing off a client version Tor Tor: 0.2.8.x-final task May 6, 2015

Parent ticket for transitioning current and future client versions off the tor network with a minimal amount of pain.

#15941 Form a plan for killing off client versions which assume they'll live forever Tor Tor: 0.2.8.x-final task May 6, 2015

From at least 0.2.4 to 0.2.6, tor client versions assume that they will keep on using the network forever. They have no "request to stop" code or other mechanisms that prevent them becoming a drain on the network.

It would help to plan their transition out at some point, so we can work out what to do to make version obsolescence in future.

See #15233 for killing off 0.2.2 and 0.2.3

#17273 Complete a design for isolating Tor modules Tor Tor: 0.2.8.x-final task Oct 7, 2015

We've been kicking this around for a while; we should actually commit to something in a text file so we can argue about it. December is a good target.

#3428 Control port may emit log messages in the middle of another event/reply Tor Tor: unspecified defect Jun 18, 2011

If the following call to connection_printf_to_buf in handle_control_getinfo in src/or/control.c fails, it may emit a LOG control-port event in the middle of a reply:

    if (!strchr(v, '\n') && !strchr(v, '\r')) {
      connection_printf_to_buf(conn, "250-%s=", k);
      connection_write_str_to_buf(v, conn);
      connection_write_str_to_buf("\r\n", conn);
    } else {

I expect that other output functions can emit log messages in the middle of a control port event or reply, too. We should make sure that never happens, by making all control-port code build each complete reply/event in a separate buffer before writing any of it out, and adding an event/reply queue to the control_connection_t structure.

#17621 Document the files in $datadir/keys, maybe in the man page? Tor Tor: 0.2.8.x-final defect Nov 17, 2015

Nick and I were just pondering the legacy v3 signing key feature. I told him to go to the man page and look for the word 'legacy'. Then I actually did it: I found "V3AuthUseLegacyKey", but no further instructions on how to use it.

I assume the next step is for people who want to use it to go to src/or/config.c and track down other words that include the substring "egacy".

Is there some better place to look? Should the man page list at least the possible filenames in $datadir/keys/ ?

#18211 No interned sandbox parameter found for /var/lib/tor/keys/ed25519_signing_secret_key_encrypted Tor Tor: 0.2.8.x-final defect Feb 2, 2016

When I use the "Sandbox 1" option in my torrc for an exit node, I get the following :

[warn] sandbox_intern_string(): Bug: No interned sandbox parameter found for /var/lib/tor/keys/ed25519_signing_secret_key_encrypted (on Tor ).

The file is probably missing from the whitelist ?

#6836 Chop functionality out of routerlist.c Tor Tor: 0.2.??? enhancement Sep 13, 2012

In my branch "split_routerlist.c", I have the start of some work on dividing routerlist.c into more sensible pieces. I've chopped out routerset_t, killed a couple of functions, and moved most of the node manipulation pieces into nodelist.c

I'd still like to chop out more: the trusted_dir_server_t logic and the node-selection logic don't belong there any more. Nor does the authority certificate code. Nor does the hidden service directory stuff, nor does the hexdigest stuff.

In the longer term, I want routerlist.c to basically just not get invoked when you're not touching routerinfos.

#8018 path-spec does not discuss guard rotation Tor Tor: 0.2.8.x-final enhancement Jan 20, 2013

It is known (http://cacr.uwaterloo.ca/techreports/2012/cacr2012-11.pdf) that clients rotate their guard sets every 30-60 days (length randomly chosen). This behavior is not discussed in the path specification (torspec.git/path-spec.txt). This is important for users and researchers to understand security.

#16792 Have a way to mark lines as "unreachable by unit tests" Tor Tor: 0.2.8.x-final enhancement Aug 13, 2015

It would be great to have a way to tell the test coverage code "this line won't be reached by tests, so don't worry about it." This would let us have a prayer of reaching 100%.

#17127 Fix and re-enable --master-key option, possibly --out (for keys) and possibly --nopass for non-interactive key generation Tor Tor: 0.2.8.x-final enhancement Sep 22, 2015

See #16769 -- it proposed a few command-line arguments to make ed25519 key management easier. I got one of them implemented, but the rest weren't ready for 0.2.7.

#17983 Build tor with -fwrapv by default Tor Tor: 0.2.8.x-final enhancement Jan 3, 2016

If the CFLAGS passed to tor don't contain -ftrapv (or the undefined behaviour sanitiser), let's build with -fwrapv.

This resolves #13538 non-intrusively, and prevents an entire class of integer safety bugs. (That said, wrapping can hide some issues rather than resolving them.)

#449 dns failures prevent legitimate options being set Tor Tor: unspecified defect Jun 9, 2007

Outright hostname lookup failures for previously configured hidden services prevent other options being set while DNS is down.

For example, I configure a hidden service redirecting to google.com while DNS is working. DNS subsequently stops working, e.g. nameserver becomes completely unreachable. If I then attempt to set a config option using the controller, it will not get set as long as tor cannot resolve the hidden service name.

Rejection of hidden service configurations (and hence any subsequent or unrelated config change) made while tor is running needs to be more tolerant of lookup failures.

The following attempts to validate the hidden service config currently in use (and previously validated when DNS was working). If the validation fails, it must be because DNS is down, so the existing config is retained. If the user was attempting to add a new hidden service config, then it doesn't get added.

Index: src/or/config.c =================================================================== --- src/or/config.c (revision 10545) +++ src/or/config.c (working copy) @@ -963,10 +963,15 @@



  • if (running_tor && rend_config_services(options, 0)<0) {
  • log_warn(LD_BUG,
  • "Previously validated hidden services line could not be added!");
  • return -1;

+ if (running_tor && rend_config_services(options, 1)<0) { + log_warn(LD_CONFIG, + "Previously validated hidden services line no longer valid! Retaining existing hidden services config if there is one."); + }else{ + if (rend_config_services(options, 0)<0){ + log_warn(LD_BUG, + "Previously validated hidden services line could not be added!"); + return -1; + }


if (running_tor) {

@@ -2920,9 +2925,10 @@




if (rend_config_services(options, 1) < 0)

REJECT("Failed to configure rendezvous options. See logs for details.");

- +*/

if (parse_virtual_addr_network(options->VirtualAddrNetwork, 1, NULL)<0)

return -1;

[Automatically added by flyspray2trac: Operating System: All]

#4373 When we close a conn due to bad CERTS cell, we complain about stuff in our outbuf Tor Tor: unspecified defect Nov 1, 2011

While looking at bug #4371, here's what my client said:

Nov 01 04:30:45.000 [warn] Certificate not yet valid: is your system clock set incorrectly?
Nov 01 04:30:45.000 [warn] (certificate lifetime runs from Nov  1 12:15:08 2011 GMT through Oct 31 12:15:08 2012 GMT. Your time is Nov 01 08:30:45 2011 GMT.)
Nov 01 04:30:45.000 [notice] We stalled too much while trying to write 512 bytes to address "".  If this happens a lot, either something is wrong with your network connection, or something is wrong with theirs. (fd 14, type OR, state 7, marked at command.c:995).

Looks like we had already written our netinfo cell to the outbuf, but hadn't flushed it. Since I'm a client and this was an OR connection, it gets to be severity notice. Fun.

For the client side, I think this bug might be resolved by the proposed fix to #4361.

But my directory authority experiences something similar: Nov 01 06:04:10.000 [info] conn_close_if_marked(): Conn (addr "", fd 1609, type OR, state 7) marked, but wants to flush 916 bytes. (Marked at command.c:995) Nov 01 06:04:10.000 [info] conn_close_if_marked(): We stalled too much while trying to write 916 bytes to address "". If this happens a lot, either something is wrong with your network connection, or something is wrong with theirs. (fd 1609, type OR, state 7, marked at command.c:995). I wonder what's sitting in its outbuf.

#7869 ntor-onion-key is padded with an equal sign Tor Tor: unspecified defect Jan 5, 2013

Replying to sonu:

ntor-onion-key Od2Sj3UXFyDjwESLXk6fhatqW9z/oBL/vAKJ+tbDqUU=

The unnecessary “=” at the end of that string needs to go away now, or every Tor client will have to download a thousand or so of them every week forever.

#14987 Settle on a name for descriptors Tor Tor: 0.2.??? defect Feb 22, 2015

As discussed on #14784 we call self-published descriptors quite a few things...

  • 'GETINFO desc/*' and Stem call the main self-published descriptors server descriptors. Metrics also uses a "server-descriptor 1.0" annotation for them.
  • The dir-spec calls them router descriptors... usually. It opts for 'server descriptor' in section 6.2.
  • CollecTor calls them relay descriptors.

Having three different names is confusing for new contributors and... well, us too. We should standardize on a name.

This primarily straddles Tor's spec, Stem, and CollecTor. Personally I'd like for us to standardize on server descriptors because it's codified in the Metrics annotation and classes Stem vends.

Karsten, Nick: any objections? If not then I'm happy to provide a spec patch and file a CollecTor ticket for this.

#18133 In OfflineMasterKey mode master keys are not supposed to be available, do not suggest they should be Tor Tor: 0.2.8.x-final enhancement Jan 23, 2016

When Ed25519 signing keys expire tor logs the following messages:

(1) [notice] It looks like I should try to generate and sign a new medium-term signing key, because the one I have is going to expire soon. But OfflineMasterKey is set, so I won't try to load a permanent master identity key is set. You will need to use 'tor --keygen' make a new signing key and certificate.

(2) [notice] It looks like I need to generate and sign a new medium-term signing key, because the one I have is expired. To do that, I need to load the permanent master identity key.

(3)[warn] We needed to load a secret key from .../tor/keys/ed25519_master_id_secret_key, but couldn't find it. Did you forget to copy it over when you copied the rest of the signing key material?

(4)[warn] Can't load master identity key; OfflineMasterKey is set.

(5)[err] Unable to update Ed25519 keys!  Exiting.

(3) suggests that one forgot to copy the master key, but in such a setup OfflineMasterKey 1, the masterkey is not supposed to be there, so the warn message could be replaced with "please provide tor with new valid Ed25519 signing keys/cert" (or similar) instead of suggesting to the user that it should copy the master key to the relay - which is not recommended, no?

#16598 fsync ed25519 master key files before closing them. Tor Tor: 0.2.??? defect Jul 15, 2015

Weasel says this is a good idea, and IMO it can't hurt.

nito (1 match)

Ticket Summary Component Milestone Type Created
#3663 Fatal error on Mixminion Mixminion-Client defect Jul 29, 2011

Error message coming up for all commands. Below a couple I get

Traceback (most recent call last):

File "mixminion.py", line 25, in ? File "mixminion\Main.pyc", line 333, in main File "mixminion\ClientMain.pyc", line 1208, in runClient File "mixminion\ClientMain.pyc", line 960, in init File "mixminion\ClientDirectory.pyc", line 116, in init File "mixminion\ClientDirectory.pyc", line 369, in load File "mixminion\Common.pyc", line 604, in readPickled

AttributeError: 'module' object has no attribute 'CachingDescriptorSource'

Traceback (most recent call last):

File "mixminion.py", line 25, in ? File "mixminion\Main.pyc", line 333, in main File "mixminion\Main.pyc", line 279, in commandShell File "mixminion\Main.pyc", line 333, in main File "mixminion\ClientMain.pyc", line 1872, in cleanQueue File "mixminion\ClientUtils.pyc", line 730, in getHandlesByAge File "mixminion\ClientUtils.pyc", line 867, in loadMetadata File "mixminion\Filestore.pyc", line 397, in loadAllMetadata File "mixminion\Filestore.pyc", line 420, in getMetadata


pde (6 matches)

Ticket Summary Component Milestone Type Created
#3777 Should not generate mixed-content warnings if rewriting all http to https EFF-HTTPS Everywhere defect Aug 21, 2011

As far as I can tell, Firefox produces mixed-content warnings on an https page that references resources (images, scripts, etc) via http, even if HTTPS Everywhere can rewrite all of those http URLs to use https. (HTTPS Everywhere does rewrite resource requests, right?)

Ideally, if HTTPS Everywhere successfully rewrites every http request from a page to an https request, the page should not generate a mixed content warning. (Though I'd still like to see some indication that the page was only secure due to HTTPS Everywhere, so I know to report the insecure resources to the site owner.)

#4122 Google Translate breakage EFF-HTTPS Everywhere defect Sep 28, 2011

Google Translate for whole webpages is broken again. (HTTPS-Everywhere 1.0.3, FF 8) Instead of the translation, you get multiple copies of the Google translate header underneath each other.

#4278 MSDN navigation breakage (due to Origin: header omission?) EFF-HTTPS Everywhere defect Oct 20, 2011

Reported here: https://bugzilla.mozilla.org/show_bug.cgi?id=694611

Test case:

Clicking on the fold-out tabs on the left of this page produces no results:


#6276 Hiding the context menu button breaks the Tools->HTTPS Everywhere menu EFF-HTTPS Everywhere defect Jul 2, 2012

When you drag the httpse icon from the urlbar to 'menu_bar.view.toolbars.customize' window you lose the 'menu_bar.tools.https_everywhere' drop down menu content for httpse, though the menu item itself is still there. At that point, the only way to configure httpse is via 'about:addons'. Or of course to restore the icon to the urlbar.

Seems to me the drop down menu content should remain regardless of where the icon is, or is not.

FF 10.0.3 ESR HTTPS-E v2.1

#6592 HTTPS Everywhere Causes WordPress.com Zemanta Media Gallery To Not Work EFF-HTTPS Everywhere defect Aug 11, 2012


Every version of HTTPS Everywhere that I have tested has caused a problem with at least one of the common websites that I visit, so I finally am reporting one of these problems.

When using WordPress.com with Zemanta enable, the Media Gallery/Recommended Images show up, but the hover feature that allow you to preview images does not work and clicking images to add them to your post does not work when HTTPS Everywhere is installed.

Here is an example of what Zemanta looks like on WordPress.com:


I am using HTTPS Everywhere in the latest Firefox and have had this problem in other versions of Firefox, and with various versions of HTTPS Everywhere.

I think this problem happens even if HTTPS Everywhere is disabled, but once uninstalled the problem stops, but I could be wrong.

Thank you, -John Jr :)

#7454 Active rules list doesn't indicate effects of securecookie if no URL rewrite took place EFF-HTTPS Everywhere defect Nov 12, 2012

We just had a bug reported about a securecookie rule that applied to all of MIT (including pages that don't support HTTPS at all!) and was breaking logins.

However, the ruleset in question didn't appear in the active rules menu, because no rewrite rule was triggered on the page in question -- only a securecookie. This made the problem take slightly longer to debug and made it harder for affected users to work around. The existing logic for deciding which rules are "active" on the current pages seems to be triggered solely by rewrite rules.

Since securecookie rules affect page rendering and can even break it, rulesets containing them should also show up in the active rules menu when they were applied to a resource on the current page.

phobos (1 match)

Ticket Summary Component Milestone Type Created
#10338 [hw14] Upgrade Tor's virtual machine infrastructure Tor Sysadmin Team Upgrade Tor's VM Infrastructure project Dec 10, 2013

We need to upgrade our infrastructure to build a ganetti cluster out of new hardware to handle the increased load and demand for VM space.

These are the tickets tracking https://trac.torproject.org/projects/tor/wiki/org/projects/2013InfrastructureUpgrade

phoul (2 matches)

Ticket Summary Component Milestone Type Created
#13951 Add EFF technologists as maintainers for the HTTPS Everywhere transifex strings Translations defect Dec 12, 2014

I think I used to have the ability to edit all of our translated strings, but it now says, "to translate you need to be logged in and a members of the $LANG team" (I am logged in).

EFF technologists we should add:

pde schoen jsha jgillula cooperq

#11123 Setup Nagios probes for the webchat support system Tor Support defect Mar 3, 2014

The webchat support system needs to be monitored by our Nagios installation.

This will require help from the TSA, but we should tell us exactly what to setup and eventually write complementary probes.

rl1987 (4 matches)

Ticket Summary Component Milestone Type Created
#13827 Cell handling code duplication in channel.c Tor Tor: unspecified defect Nov 23, 2014

In 336c856e52d211aad6b40d29986264f3277a1327 :

  • channel_get_var_cell_handler() and channel_get_cell_handler() looks very similar
  • channel_write_cell(), channel_write_packed_cell() and channel_write_var_cell() is mostly duplicated code.
  • so are channel_queue_cell() and channel_queue_var_cell()

We should refactor to reduce the code duplication.

#3029 We should save received documents before parsing them Tor Tor: unspecified enhancement Apr 28, 2011

We should have an option to make Tor save every document it receives from the network before it tries to parse it. That way, if we crash while we're handling the document, we can know what crashed us.

Also, everything that stores an unparseable/unreadable thingy should be able to save more than one of them.

#3272 There should be a way to undo TAKEOWNERSHIP Tor Tor: unspecified enhancement May 23, 2011

It seems like it would be neat to have a way for a controller that has called TAKEOWNERSHIP to later relinquish "ownership" and tell a Tor process that it should not, in fact, exit if the controller exits.

I'm leaving this in the "Unspecified" milestone for now, since despite the fact that it seems we should obviously want this, I can't think of an actual usecase.

#15554 Put some actual hsdescs in the unit tests for parsing Tor Tor: 0.2.??? enhancement Apr 2, 2015

Right now our test_rend_fns() function in src/test/test.c builds a "rend_service_descriptor_t *generated", and then it encodes it, and then it parses it, to make sure it gets the expected descriptor back. That's a great start.

But there are now several different versions of the descriptor format in play, and our unit tests by definition only test the one that the current Tor version generates.

Also, it would be easier to play around with "how Tor handles it if you take that stanza out of the descriptor" experiments, if there are some actual descriptors in the unit tests.

Good idea / bad idea?

rransom (1 match)

Ticket Summary Component Milestone Type Created
#3459 Expose information about dir conns to controllers Tor Tor: unspecified enhancement Jun 24, 2011

Currently, we do not expose any information about non-tunneled directory connections to controllers. Should we?

saint (3 matches)

Ticket Summary Component Milestone Type Created
#14569 Download-Easy page don't make other languages obvious Website defect Jan 31, 2015

dcf and mrphs brought up that the language select section is really small when not using javascript -- most people probably scroll right past it. In tutorials, people are using English-language screenshots, which is kind of interesting.

Proposed fix is to increase the font size to 1.1em. Long-term, it would be great to remove all javascript from these pages.

#13154 Debian's "popularity contest" package as threat vector? Tor bundles/installation enhancement Sep 13, 2014

I am wondering whether to force-uninstall Debian's popularity-contest package as part of Stormy's installation process. It would be good to have an idea how popular Stormy is, but on the other hand, I'm not sure how anonymous the reporting is on Debian's end.

This is also relevant for users of the tor package, who might also be at mild risk (though far less so because the number of users is so high, and doesn't reveal location of location-hidden services).

Anyone have opinions on this? I'm leaning towards checking if popularity-contest is installed and then asking if the user would like it to be removed.

EDIT: We should also discuss whether to remove it as part of Tor's installation process overall.

#9360 increase font size in trac Service - trac defect Jul 31, 2013

Whenever I visit trac I find the fonts hard to read. The file https://trac.torproject.org/tor.css has the following lines inside:

body, th, td {
 font: normal 13px Verdana,Arial,'Bitstream Vera Sans',Helvetica,sans-serif;

So the font-size is set to 13px. I would propose to change it to 1.0em. This sets the font-size to the value the users has set for normal texts. So it should reflect the users choice.

Maybe can also change the font sizes of the headings. The current setting in tor.css is:

h1 { font-size: 19px; margin: .15em 1em 0.5em 0 }
h2 { font-size: 16px }
h3 { font-size: 14px }

In relative terms the settings should be like:

h1 { font-size: 1.5em; margin: .15em 1em 0.5em 0 }
h2 { font-size: 1.2em }
h3 { font-size: 1.1em }

teor (1 match)

Ticket Summary Component Milestone Type Created
#17913 TestingClient option missing from manual Tor Tor: 0.2.8.x-final defect Dec 22, 2015

Hi Nick, in the burst of new config options being added to the tor manual one was missed...


ultrasandwich (2 matches)

Ticket Summary Component Milestone Type Created
#10479 Export blog posts from current blog Blog 2014 Tor Blog Replacement task Dec 23, 2013

Export everything in some sane format for future imports (html vs. markdown?)

#10480 Export comments from current blog Blog 2014 Tor Blog Replacement task Dec 23, 2013

Export comments from current blog in some sane format and some ability to import the threads, etc. into a new system.

yawning (1 match)

Ticket Summary Component Milestone Type Created
#15593 Bring sanity to the tor side of the PT shutdown process. Pluggable transport Tor: 0.2.??? enhancement Apr 5, 2015

This is the final phase of my great PT shutdown process cleanup as a follow up to #15545.

Now that there's a portable mechanism to signal termination to PTs (close the stdin), we should change the PT shutdown process to allow graceful termination to look like this:

  1. Close stdin (and on U*IX, send a SIGTERM, PT behavior here is equivalent).
  2. Wait for a grace period (~1 sec?)
  3. If the child still is not dead, send a SIGKILL/TerminateProcess(). (Failsafe)

This fixes #9330 in that, PTs that wish to trap a graceful shutdown on Windows have a way to do so, despite the final stage of the process killing the PT in the most violent way possible as a failsafe (realistically, PTs should exit shortly after step 1).

Note: See TracReports for help on using and creating reports.