[tor-project] Tor Browser team meeting notes, 1 July 2019
gk at torproject.org
Tue Jul 2 12:19:00 UTC 2019
Here come the notes from our first weekly Tor Browser meeting in July.
The IRC log can be found at:
The items from our pad are copied below:
- state of the onion at dev meeting, applications/browser part
(GeKo: pospeselr stepped up and will present Tor Browser things;
potential items are: mobile release, security settings, accessibility
support for Windows, looking forward to S27 onion services and esr68
- reviews (#30549, #31041, #28672, #30863, #30577, #30683)
- gave #10760 a first review pass while working on reviews for
- patch for #30849 (backport of two sec-moderate bugs)
- finally finished aarch64 support patch for mobile (#28119)
- spent some time thinking about integrating the snowflake pt
for android (#30318) (GeKo: I'll ask the Guardian Project folks about a
way forward here)
- wrote patches for macOS toolchain update for with esr68
(#30323): I got everything built I think (there was just a packaging
error in the firefox build step), we need to clean up things a bit, though
- hackerone work
- (mozilla all hands) backlog
- filed https://bugzilla.mozilla.org/show_bug.cgi?id=1561589 for
getting a mozilla-esr68 branch on gecko-dev
- release prep (including patch for #30468)
- reviews (above all first full pass on #30429, hopefully mobile
patches as well (#31010), and #27503 for the alpha)
- begin of the month team admin stuff
mcs and brade:
- Worked on #30000 (Integrating client-side authorization to
onion services v3).
- Posted work-in-progress patches for the Onion Services
client auth prompt (#30237).
- Made some test builds available that include this feature.
- Reviewed and tried to test the #18101 patch (IP leak from
Windows/macOS UI dialog with URI).
- Finally tested Snowflake on macOS 10.9 for #26251.
- Review for #30683 (Properties in dom/locales/$lang/chrome/
allow detecting user locale).
- Prepare for travel to the Stockholm meeting.
- Out of the office Thursday and Friday (U.S. Independence Day
- Upcoming: #30126 (Make Tor Browser on macOS compatible with
- Upcoming: #29197 (remove use of overlays from Tor Launcher)
- Upcoming: #30429 (ESR 68 Rebase — updater patches).
- rebasing and integrating review feedback
- discovered and worked on a fix for a bug introduced in my widl
patch-set where valid IDL would generate invalid headers
- hopefully finish fixing said issue today and then back on
track for getting patchset ready for second round of reviews later this week
- Opened PR for Orbot Changes:
- #31047: Resources Should Match Orbot (Issue also raised in #30199)
- #31042 - VPN Module - lots of fixes since we ignored this code
previously/ (not needed for tor browser but need to keep in sync with Orbot)
- Refactored tor android service and orbot code to make separation
easier to maintain.
- Orbot has moved to using info.pluggabletransports libraries. I need
to start looking into the code of this project. If we go this route, it
will be done through TOPL, which contains the PT dependencies. (Do we
want to build these ourselves or are these precompiled native libraries
how we want to do it?) Also #31045 - JSocks now has prebuilt dependency
- #31049 - Orbot Using Tor Service - we should start looking into this
as soon as everything is in sync (Is this the direction we want?)
- Work on Settings in TOPL. Orbot has introduced new settings that
could be useful. I also need to incorporate the ipv6 settings currently
in patch as part of this.
- #30144 - Update tor binaries (What version do we target for next
release?) (GeKo: The latest and greatest. :) In general I like to move
as fast on mobile as desktop, to help the network team finding mobile
specific bugs; but that requires our own tor. We are not there yet,
though. :( )
- updated patch for #30549 (Add script to remove expired
sub-keys from a keyring file)
- fixed build reproducibility issues for #28672 (Android
reproducible build of Snowflake)
- reviewed #28119 (Provide Tor Browser for Android for arm64-v8a
- started looking at #30321 to try to build 32bit mar-tools
- Update patch for #28672 (Android reproducible build of
Snowflake) after review
- Add android aarch64 nightly builds (#31054)
- look how we can build 32bit mar-tools:
- look at remaining failing testsuite tests
- check that archive.tpo rsync scripts are working correctly on
the new machine for #29697
- help with releases builds
- Clean up keyring files (#30548), using the scripts added in #30549
Backlog and ticket triage
68esr rebase (opened #31010)
Looked into "interaction avec l'application Gmail sur Android"
(#30584) - multiple reports of this
Continuing mobile patch rebase
More bug triage
Preparing for travel
AFK some parts of this week
- Filed bugzilla tickets for #26514 and #24056. #21830 will
hopefully soon by fixed in
- Add Fundraising Banner with next TBB security update (#30577).
- Addressed review comments for #10760.
- Small fix for #31041.
- Follow up bugzilla tickets, investigate/file tickets for
#23104 and #26353.
- Continue torbutton cleanup/refactor (#28745)
- Learned that the alloc/dealloc mismatch on Windows with jemalloc
also affects x64 too. Disabled jemalloc on -central :(
We'll need to disable it on esr68 too, hasn't been landed yet.
Going to go back to Jacek/Martin and see if we can figure things out here
- Temporarily disabled mingwclang builds on -central due to missing
APIs for a patch landing. Hopefully fixing that today/this week
- Investigating AppContainer sandboxing. Seems possible to use this
to disable access to networking from Windows content processes
although it will not be trivial work.
Also seems like using it may write registry values or something
related to disk indicating the name of the profile. =/
- I noticed Gary has a patch for the fingerprinting ftp:// timezone
issue \o/ [GeKo: Where?
(https://bugzilla.mozilla.org/show_bug.cgi?id=1560574) Could we test
that one in the upcoming 9.0a4 alpha?]
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the tor-project