[tor-project] Tor Browser Team Meeting Notes, 03 February 2020

Matthew Finkel sysrqb at torproject.org
Wed Feb 5 16:15:02 UTC 2020

Hello everyone,

We held our weekly meeting on Monday, 03 February. The meeting log is
available at

The meeting primarily consisted of a summary of discussions we had at
last week's Mozilla All-Hands meeting. We are also beginning our
transition off of Mozilla's ESR train and onto the Release train.

Meeting notes:

Week of February 3, 2020
    Future plans

mcs and brade:
    Last week:
        - Sponsor 27 work:
            - Responded to more review feedback in #19757 (permanent storage of client auth keys).
            - Continued implementation work for #19251 (onion services error page).
        - Code reviews.
    This week/upcoming:
        - Revise our patch for #19757 (permanent storage of client auth keys).
        - Follow up with the Network Team on some issues that acat found while reviewing #19757.
        - Continue to work on #19251 (onion services error page).

Jeremy Rand:
    Last week:
        Finished notes on Namecoin subtasks that might be relevant to Tor which we could ask for NLnet funding for, sent list to Matt in case he can easily think of something that I've left out.  @sysrqb not sure if you've had a chance to glance at my email yet -- I hope I'm not bombarding you with too much info there... is the info I provided at all helpful?  Have I omitted anything that jumps out at you?
        Got sidetracked with non-Tor-related Namecoin things that needed to be dealt with, so didn't yet finish the tor-talk mailing list post.
    This week:
        Finish the tor-talk mailing list post draft, send to Matt so he can let me know if I've inadvertently left something out.

   Last Week:
   - #32991/32992 - created and integrate LZMA and ZSTD compression libraries for tor. Both projects building. Also verified compiling with tor project.
   - #28704 - Tor Build for Android - some discussions around blocking issue. Three possible approaches: 1) Move to JNI load libraries from Android or 2) try LD_LIBRARY_PATH or 3) static compile (verified as working). Going to try 2) and fallback to 3) if it doesn’t work.
   This week:
   #28704 - test and decide on approach. Will be testing with all libraries including compression libraries. Will respond to feedback, so we can try to wrap up this week.
   #32993 - package tor-android-service: add new shared libraries to packaging
   #32200 - OpenSSL flags - this issue deals with some suggested flags for building openssl for Android. We need to make some calls on which ones we want to add
   #28704 - minor issue regarding use of pck-config that I want to fix

    Last week:
        - Some reviews: #32891, #27903, #32700, #32870
        - Made patch for #32493 (adding MOZ_SERVICES_HEALTHREPORT to mozconfig)
        - Started looking quickly at #32650 (Check translations for bogus characters)
        - Looked at blog comments
    This week:
        - Try to help with #32650 (Check translations for bogus characters)
        - Try to finish remaining things for #18867 (Ship auto-updates for Tor Browser nightly channel)
        - Review #32456 (Add a question in support.tpo about anti-virus reporting a virus in Tor Browser)
        - More reviews
        - Help with build of the new releases

 - Ethan has cancelled our every-other-week uplift meeting and monthly meeting.
   - Not enough Mozilla work to justify continuing, we can do them on demand
 - Wrote patches for Ion/BaselineJit for Trusted Principals: https://bugzilla.mozilla.org/show_bug.cgi?id=1599226
 - At All Hands worked on reproducible Windows builds:
   - It works in esr68; but not -central.
   - The differences include clang 8 vs 9, llvm-mingw, rust, and fortify_source/stack protector
     - glandium had mentioned a clang 9 reproducibility regression he saw on clang 9 for linux
     - he can't tell me if that's the same problem I have
   - When I reverted to clang 8 in -central it still had the same problem, so it must be something else from that list
   - Reverting llvm-mingw and fortify_source/stack protector broke things in a strange way
   - I can try one or two small things here, but otherwise I fear I will wind up having to put this aside...

    Last week:
        - Continued #28005 PoC implementation (https-everywhere .onion redirects)
        - Reviews: #27268, #19757, #32948
    This week:
        - Revise #31395 (Remove inline <script> in aboutTor.xhtml).
        - Continue #28005 work.

    Last week:
        Mozilla All Hands
        Future Tor Browser planning
    This week:
        Reviews, reviews, reviews
        Writing some emails about planning
        Reply to Jeremy

    Last week:
        Been at Mozilla's All Hands meeting
        Worked on RLBox (I got it working)
        Design doc update
    This week:
        Re-doing RLBox branch and further testing
        Moar design doc update



More information about the tor-project mailing list