Opened 7 years ago

Closed 7 years ago

Last modified 6 years ago

#10509 closed defect (invalid)

skip TOR_SKIP_LAUNCH=1 environment variable not honored

Reported by: proper Owned by: brade
Priority: High Milestone:
Component: Applications/Tor Launcher Version:
Severity: Keywords:
Cc: proper, mikeperry, mcs Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Even though the TOR_SKIP_LAUNCH=1 environment variable is set, TorLauncher still issues the following Tor control port commands.

GETCONF HTTPSProxy
GETCONF Socks4Proxy
GETCONF Socks5Proxy
GETCONF ReachableAddress
GETCONF UseBridges
GETCONF Bridges

And more. (Some SETCONF if you change settings there.)

This is a problem, because when there is deliberately no (or limited) access to Tor's control port (such as in a transparent proxy environment), then Tor Button -> Open Network Settings will lead to the following error.

Unable to retrieve Tor settings.

Please ensure that Tor is running.

When the TOR_SKIP_LAUNCH=1 environment variable is set, please do not use any TorLauncher features. Or alternatively, could you add please another environment variable to turn these control port command off?

Changing proxy settings is still useful in such environments (for example for configuration of arbitrary Tor SocksPorts (for stream isolation) or connecting to other (local) proxies such as proxies for circumventing Tor bans or the local i2p proxy).

The new Tor Button (in TBB 3.x) -> Open Network Settings seems to change proxy settings in Tor's internal settings. On the other hand, the old Tor Button (in TBB 2.x) -> Open Network Settings changed Firefox's proxy settings.

Whether changing Firefox's proxy settings is still supported or not might be another ticket? Seems like changing Firefox's proxy settings is not possible at the moment? Because when you go to Firefox -> Edit -> Preferences -> Advanced -> Network and add an extra http proxy, then Tor Button indicates, that it's disabled. (Tor Button is crossed out with a red cross and shows a "Tor disabled" tooltip when hoovering over it with the mouse.)

Child Tickets

Change History (5)

comment:1 Changed 7 years ago by mcs

Cc: mcs added

comment:2 Changed 7 years ago by mcs

The TBB 3.x Torbutton still includes a "Preferences" menu item that allows modification of proxy settings. I cannot say for sure whether everything there works correctly but it should.

TOR_SKIP_LAUNCH=1 is not about avoiding access to the control port... it just means that some other process is responsible for starting tor. We could modify Torbutton to recognized an environment variable that causes the "Open Network Settings" menu item to be hidden or disabled.

Is the situation you describe common (no access to the control port)? I would guess that will be the case with Whonix.

Another option would be to disable or remove the Tor Launcher extension, but that would leave the "Open Network Settings" menu item intact (it just would not do anything). Of course that could also be fixed (in Torbutton).

comment:3 in reply to:  2 ; Changed 7 years ago by proper

Replying to mcs:

The TBB 3.x Torbutton still includes a "Preferences" menu item that allows modification of proxy settings.

Yes. Sorry, I missed that.

I cannot say for sure whether everything there works correctly but it should.

I open tickets against TorButton should anything not work. Seems like everything still working.

TOR_SKIP_LAUNCH=1 is not about avoiding access to the control port... it just means that some other process is responsible for starting tor.

Sounds reasonable. Seems like this ticket may be closed as invalid.

We could modify Torbutton to recognized an environment variable that causes the "Open Network Settings" menu item to be hidden or disabled.

That's be good. Created #10632 for it.

Is the situation you describe common (no access to the control port)?

Mike Perry said, that there are a few people using Tor Browser behind a TransProxy or with system Tor. (In that sense, don't remember where he said that, but in that sense.)

I would guess that will be the case with Whonix.

In Whonix there is either limited* (by Control Port Filter Proxy) or optionally if the user prefers no access to Tor's control port.

*Whitelist, contains only "AUTHENTICATE", "GETINFO net/listeners/socks", "GETINFO status/bootstrap-phase", "SIGNAL NEWNYM", "QUIT" at the moment. Everything else, such as the dangerous "GETINFO address" is blocked.

comment:4 in reply to:  3 Changed 7 years ago by mcs

Resolution: invalid
Status: newclosed

Replying to proper:

In Whonix there is either limited* (by Control Port Filter Proxy) or optionally if the user prefers no access to Tor's control port.

*Whitelist, contains only "AUTHENTICATE", "GETINFO net/listeners/socks", "GETINFO status/bootstrap-phase", "SIGNAL NEWNYM", "QUIT" at the moment. Everything else, such as the dangerous "GETINFO address" is blocked.

Thanks for the info about Whonix. I wasn't aware of their CPFP component. Interesting stuff.

Resolving this bug as invalid.

comment:5 in reply to:  2 Changed 6 years ago by proper

Replying to mcs:

We could modify Torbutton to recognized an environment variable that causes the "Open Network Settings" menu item to be hidden or disabled.

#14100: Toggle NetworkSettings menuitem visibility based on an environment variable

Note: See TracTickets for help on using tickets.