July 2013 - tor-qa - lists.torproject.org

Tor 0.2.4.15-rc packages available for testing
by Erinn Clark 09 Jul '13

09 Jul '13

Hey everyone! Tor's experimental version has moved one step closer to stable with its latest -rc release. I have some packages up for testing. In order to prevent confusion with the 3.x series of TBB (which are actually alpha), the "regular" alpha TBBs have been renamed to beta. Packages: https://people.torproject.org/~erinn/qa/alpha/0.2.4.15-rc/ sha256sums: https://people.torproject.org/~erinn/qa/alpha/0.2.4.15-rc/sha256sums-0.2.4.… Turnaround: 24h Thanks, Erinn

3 4

Re: [tor-qa] Urgent: test stable 64-bit Linux TBBs (Checksec)
by Jeffrey Walton 02 Jul '13

02 Jul '13

On Tue, Jun 11, 2013 at 5:44 PM, Erinn Clark <erinn(a)double-helix.org> wrote: > Another update. Use this one instead: > > https://people.torproject.org/~erinn/qa/stable/tor-browser-gnu-linux-x86_64… > 182a3ff7b5a707cbc84c6919f3c6514e4561c583bf754df0e8c91067f6ab4f73 tor-browser-gnu-linux-x86_64-2.3.25-9-dev-en-US-TEST2.tar.gz > >From Tobias Klein's checksec (http://www.trapkit.de/tools/checksec.html) ***** tor-browser_en-US$ checksec.sh --file App/vidalia RELRO STACK CANARY NX PIE RPATH RUNPATH FILE No RELRO No canary found NX enabled No PIE No RPATH No RUNPATH App/vidalia Missing --stack-protector or --stack-protector-all, -fPIE, -pie, -Wl,-zrelro and -Wl,-z,now. Probably missing FORTIFY_SOURCES=2 ***** tor-browser_en-US$ checksec.sh --file App/Firefox/firefox RELRO STACK CANARY NX PIE RPATH RUNPATH FILE No RELRO No canary found NX enabled No PIE No RPATH No RUNPATH App/Firefox/firefox Missing --stack-protector or --stack-protector-all, -fPIE, -pie, -Wl,-zrelro and -Wl,-z,now. Probably missing FORTIFY_SOURCES=2 ***** tor-browser_en-US$ checksec.sh --file App/tor RELRO STACK CANARY NX PIE RPATH RUNPATH FILE Full RELRO No canary found NX enabled No PIE RPATH No RUNPATH App/tor Missing --stack-protector or --stack-protector-all, -fPIE, -pie, -Wl,-zrelro and -Wl,-z,now. Probably missing FORTIFY_SOURCES=2

1 0

Re: [tor-qa] Urgent: test stable 64-bit Linux TBBs (Fedora 18)
by Jeffrey Walton 02 Jul '13

02 Jul '13

On Tue, Jun 11, 2013 at 5:44 PM, Erinn Clark <erinn(a)double-helix.org> wrote: > Another update. Use this one instead: > > https://people.torproject.org/~erinn/qa/stable/tor-browser-gnu-linux-x86_64… > 182a3ff7b5a707cbc84c6919f3c6514e4561c583bf754df0e8c91067f6ab4f73 tor-browser-gnu-linux-x86_64-2.3.25-9-dev-en-US-TEST2.tar.gz Same shutdown issue with Fedora 18.

1 0

Re: [tor-qa] Urgent: test stable 64-bit Linux TBBs (Ubuntu 13)
by Jeffrey Walton 02 Jul '13

02 Jul '13

On Tue, Jun 11, 2013 at 5:44 PM, Erinn Clark <erinn(a)double-helix.org> wrote: > Another update. Use this one instead: > > https://people.torproject.org/~erinn/qa/stable/tor-browser-gnu-linux-x86_64… > 182a3ff7b5a707cbc84c6919f3c6514e4561c583bf754df0e8c91067f6ab4f73 tor-browser-gnu-linux-x86_64-2.3.25-9-dev-en-US-TEST2.tar.gz > $ uname -a Linux ubuntu 3.8.0-19-generic #29-Ubuntu SMP Wed Apr 17 18:16:28 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Vidalia and Browser starts OK. HTTPS Everywhere is allowing me to visit Yahoo without SSL/TLS. In fact, entering https://www.yahoo.com redirects me to http://www.yahoo.com/?s=https. For completeness, it looks like the IP of the exit node is 222.3.5.198. Shut down is not clean, and a subsequent `./start-tor-browser` results in some issues. See the discussion for Debian 6. Jeff

1 0

Re: [tor-qa] Urgent: test stable 64-bit Linux TBBs (Debian 6)
by Jeffrey Walton 02 Jul '13

02 Jul '13

On Tue, Jun 11, 2013 at 5:44 PM, Erinn Clark <erinn(a)double-helix.org> wrote: > Another update. Use this one instead: > > https://people.torproject.org/~erinn/qa/stable/tor-browser-gnu-linux-x86_64… > 182a3ff7b5a707cbc84c6919f3c6514e4561c583bf754df0e8c91067f6ab4f73 tor-browser-gnu-linux-x86_64-2.3.25-9-dev-en-US-TEST2.tar.gz > $ uname -a Linux debian-6-x64 2.6.32-5-amd64 #1 SMP Fri May 10 08:43:19 UTC 2013 x86_64 GNU/Linux Vidalia and Browser started OK. Navigated to a few multimedia sites OK. Shut down is not clean. After closing Browser and then Control Panel, components appeared to be lingering in memory: $ ps -A ... 2625 pts/0 00:00:00 start-tor-brows 2642 pts/0 00:00:10 vidalia 2645 pts/0 00:00:01 tor 2648 ? 00:00:00 sh 2649 ? 00:00:00 run-parts 2653 ? 00:00:00 apt 2676 ? 00:00:00 sleep 2706 pts/1 00:00:00 bash 2719 pts/1 00:00:00 ps A subsequent `./start-tor-browser` results in some issues. For example, I was warned about a previous running instance of Vidalia, and then get prompted for a password (I did not set a password previously). http://postimg.org/image/hs3u0rcyp/ and http://postimg.org/image/ft8or2mut/. Jeff

1 0

Quick test of 3.0-alpha-2
by Mike Perry 01 Jul '13

01 Jul '13

Finally, we have a 3.0 build that fully matched on two different build machines for all bundles for the 3.0-alpha-2 series. I'm still waiting on a third confirmation, but since these bundles contain the 17.0.7-ESR security release (which is over a week old now), I want to get them out ASAP. If anyone is willing to try these and report any major issues, that would be great. I will be posting these on the blog as soon as I hear back from Georg Koppen and get a detached signature from him and Linus Nordberg. Here's my builds: https://people.torproject.org/~mikeperry/3.0-alpha-2/ Here's Linus's matching builds: https://people.torproject.org/~linus/downloads/tbb-3.0alpha2-build5-c0242c2… Here's the ChangeLog: https://gitweb.torproject.org/builders/tor-browser-bundle.git/blob/HEAD:/Bu… Here's how you reproduce your own identical bundles: https://gitweb.torproject.org/builders/tor-browser-bundle.git/blob/HEAD:/gi… The tor-browser-bundle.git commit used is c0242c24bed086cc9c545c7bf2d699948792c1e3, with signed tag tbb-3.0alpha2-build6. If anyone does this, I'd also love to hear if there are any differences. -- Mike Perry

3 3