Hello!
Our weekly meeting logs are here: http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-04-23-16.58.html
Below are our notes from the meeting.
= Network team meeting pad, 23 April 2018 =
Welcome to our meeting! Mondays at 1700 UTC on #tor-meeting on OFTC.
(This channel is logged while meetings are in progress.)
Want to participate? Awesome! Here's what to do: 1. If you have updates, enter them below, under your name. 2. If you see anything you want to talk about in your updates, put them in *boldface*! 3. Show up to the IRC meeting and say hi!
Note the meeting location: #tor-meeting on OFTC! (See https://lists.torproject.org/pipermail/tor-project/2017-September/001459.htm... for background.)
== Previous notes == 5 March: https://lists.torproject.org/pipermail/tor-project/2018-March/001685.htmlyy 26 March: https://lists.torproject.org/pipermail/tor-project/2018-March/001695.html 3 April: https://lists.torproject.org/pipermail/tor-project/2018-April/001705.html 9 April: https://lists.torproject.org/pipermail/tor-project/2018-April/001723.html 16 April: https://lists.torproject.org/pipermail/tor-project/2018-April/001739.html
== Stuff to do every week =
* Let's check and update the roadmap. What's done, and what's coming up?
url to roadmap: https://docs.google.com/spreadsheets/d/1Ufrun1khEo5Cwd6OwngERn829wU3W3eskdrr...
* Check reviewer assignments at https://docs.google.com/spreadsheets/d/1Ufrun1khEo5Cwd6OwngERn829wU3W3eskdrr...
* Check rotations at https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/TeamRota...
== Announcements ==
* Remember to "/me status: foo" at least once daily.
* Remember that our current code reviews should be done by end-of-week.
* Make sure you are in touch with everybody with whom you are doing 0.3.4.x work.
* Important dates: * May 15, 2018 -- 0.3.4.x feature freeze! 3 WEEKS LEFT.
* Remember: don't spend more than a day working on anything that isn't on the 033 or 034 milestones.
== Discussion ==
* How much should we do with travis and how much do we leave to jenkins? (See #25814)
* What is blocking 0.3.3-stable?
* Should we consider any 034-proposed items? Here's a useful query that finds 0.3.4 tickets that are recently modified, and don't have code: https://trac.torproject.org/projects/tor/query?status=accepted&status=as... - Mike wants #25883 (some control port events) - gk wants #25895 (rust cross-compiling for Windows)
These ones seem ok: - dgoulet added #19665 (client port counts) as an essential part of periodic events (Sponsor 8) - nickm added #25828 as a bugfix found in #25373 token buckets (Sponsor 8)
== Updates ==
Nick: * Last week: * CI rotation: - added coveralls support to travis (25818) - fixed numerous 32-bit issues found by jenkins - fixed a couple of windows issues found by jenkins - fixed a distcheck issue found by jenkins - wrote a patch to have travis handle distcheck - addressed failing rust builds on jenkins (25813) * Wrote tricky patch to replace token-bucket refill events (every 100ms) with as-needed refills. 25373 * Wrote patch to fix nonfatal assertion failures in 033 (25691/25692) * Reviewed pending patches (25762, 24660, 24659) * Attended prop291 meeting (two-guard discussion). * Fixed clang scan-build issues * Wrote fixes for various small tickets on 034 milestone. * This week: * Work with dgoulet to make second_elapsed_callback less overengineered * Review, merge, revise. * More small 034 tickets, time permitting * Coverity rotation
Mike: * Last week: * Wrote a patch for #25733 * Cleaned up #25400 * Looked into jenkins a bit to try to help figure out how to email build-breakers automatically (#25819) * Ran prop 291 meeting + notes + tickets + mailinglist posts * Ran vanguard simulator a bunch; found some bugs; wrote some patches. * Wrote patch for #25870 (fix vanguard restrictions -- I think this is our best bet for restrictions in 0.3.3/0.3.4) * Implemented a ton of vanguard script pieces (bandwidth checks, relay use frequency checks) * Stumbled on #25883 (no control port stream events for onion services on service side). * This week: * Really want to fix #25883 for 0.3.4. May need some help/tips. * Get vanguards repo closer to release quality
teor: * Last week: * Wow, collecting privacy-preserving statistics is time-consuming * Bandwidth file spec review (we are down to formatting and nitpicks now) * Continued to help with bandwidth measurement (sbws) * Added new authorities to the testnet * Tor SoP reviews * Security patch discussion * Code reviews on nonfatal asserts (25691/25692), consensus method pruning (24378, prop#290) * Closed some really old trac milestones, sent an email to tor-dev about the rest * This week: * Analyse the last collection results * Configure and schedule the next collection * Start writing up & reviewing
dgoulet: * Last week: - Ticket work (See timeline). - #25226 got merged so #25824 followed. - Worked on #25762 and worked with nickm on some other roadmap items about reducing client CPU usage. - I did a full days of work on Torsocks. I'm waiting on feedback on one ticket before releasing. I will probably just release if I don't hear back this week from the author of the patch. - Some work happened in the bad-relays world as well. * This week: - I'll try to finalize with nickm some roadmap items we've been working together (#25500 master ticket). - Short list of bugs for 034: #25761, #25577 - If possible, continue modularization work with #25610 - No rotation role for me this week.
catalyst: * last week (2018-W16): - reviewed updates to #25511 (getinfo current-time/*) - control-spec.txt changes to support #25511 (getinfo current-time/*) - also some spec spelling fixes (#25871) caught during review - reviewed #25727 (bool in rust ffi) [*isis, were you able to poke rust people about stuff?*] - did some thinking about #25756 (loosening "consensus from the future" tolerance) with input from nickm - sponsor8 reporting stuff - expense accounting stuff * this week (2018-W15): - code review - continue working on #25061 (spurious connection warnings logged by relay) - look more at #25756 - other 033 or 034 work as needed
ahf: Last week: Sponsor 8: - Moved our test s8 onion to a new host. Did some minor tweaks to our site. - Looked at Isa's S8 reporting. - Cross compiled Tor/Orbot for Android-ARM64. Now running Orbot locally with that for test (#25496). Misc: - Progress on #25245: easy to trigger if you inject a lot of traffic to an exit in a Chutney network, but difficult to trigger otherwise. Worked on making it easier to debug. - Go over the interview content with the version2 journalist about Tor. - Participated in a radio show with a host I know from BornHack about Tor. - Think(hopefully?) managed to solve logistics around being able to go to Mozilla All Hands after Seattle. Now waiting for OK from Mozilla. - Reviewed #25140 This week: Sponsor 8: - 0.3.4 work: either network idleness controller interface or conditionally compiled modules. - Talk with Hans about what we need to do to get #25496 (0.3.4 ARM64 work) into an Orbot release. Misc: - Land patches for #25245 (0.3.3). - CI duty. Question: our Jenkins have looked very sad, should I prioritize some time on this during the week?
asn: Last week: - Participated in meeting on 2-guards (prop#291). - After the meeting, I submitted a patch for #25843 as was arranged and started testing the 2-guard proposal. I also posted a pseudo-proposal on a possible future for path restrictions in: https://lists.torproject.org/pipermail/tor-dev/2018-April/013085.html - Worked on improving the vanguard simulator, fixing bugs found by mike, and implementing more features (#23978). - Reviewed #24688 and #23693. - Started a thread on replay protection and ed25519 malleability as part of #25552. Ian suggested some possible avenues which I think are worth following. Isis also suggested some alternative avenues based on xeddsa and vxeddsa. I plan to read more into these generalized DSA protocols this week and decide if we can fit them for 034, they seem quite interesting. Perhaps a plausible approach would be to do Ian's simple approach for now, and switch to vxeddsa in the future. Not sure. I plan to read more about this this week, I find it very interesting. - Will be secondary mentor for the ahmia project in SoP this year. This week: - Continue work on 2-guard proposal and vanguards. - Read more about vxeddsa for #25552. - Test haxxpop's hsv3 client auth - Suggest some tasks for the Ahmia SoP student. - More reviews.
haxxpop: last week: - Finish the client auth in the v3 onion service (excluding the intro auth) and it's ready for testing now! ( https://github.com/torproject/tor/pull/36 ) You can test it by adding `HiddenServiceAuthorizeClient basic <client_name>` on the service torrc and `HidServAuth <onion address> <base64-encoded x25519 private key>` on the client torrc You can get the private key from `client_authorized_privkeys/<client_name>.privkey` on the service file directory *Could anyone test it soon and, if possible, add it to the next release?* [asn: Yes I will definitely test and start the review procedure! Did you also do intro auth or just desc auth?] [haxxpop: just desc auth, because I still don't know which file to put clients' ed25519 public keys] [asn: ok we can figure this out. i guess you'd like us to give it initial review/testing before doing intro auth, right? makes sense.] [haxxpop: yes. In fact, I think desc auth and intro auth are independent features. We can launch the desc auth without intro auth, if we want. ]
- next week:
- - Probably take a break ;)
pastly: last week: - started testnet authority and convinced people to trust it - feed sbws testnet results to the authority - changed sbws v3bw file units from bytes to KB so they'd be comparable to torflow - faq additions, glossary - sbws scanner (client) performs periodic reachability tests for sbws servers - sought input from dirauths about running sbws servers vs changing sbws to use http servers - signed up to mentor juga for bw scanning work - publish sbws docs at http://d7pxflytfsmz6uh3x7i2jxzzwea6nbpmtsz5tmfkcin5edapaig5vpyd.onion/ this week: - (today, definitely) *make sbws open source** [asn: boom!!!]*
- see https://github.com/pastly/simple-bw-scanner
- publish sbws docs at readthedocs - unit tests - probably change from requiring sbws servers to using http(s)
isis: last week: - reviewed a patch to do `make distcheck` on travis #25814 - reviewed a patch to use coveralls from travis #25818 - did the hook/account setup for getting coveralls to start publishing to https://coveralls.io/github/torproject/tor - revised patches to expose our RNG in rust #24660 - responded to code review on #24659 - lunch meeting with trevor perrin about malleability in HS crypto and hash domain separation in post quantum key exchanges - reviewed #25515 again - long emails to lists about TROVE-2018-005 and HS crypto malleability #25552 - more work on wide create cells #25647 this week: - finish #25647