Opened 5 years ago

Closed 3 years ago

Last modified 3 years ago

#14273 closed task (fixed)

Investigate missing Tor Browser patches to make Unix Domain Socket option work

Reported by: gk Owned by: mikeperry
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-security, TorBrowserTeam201608R
Cc: brade, mcs, whonix-devel@…, arthuredelstein Actual Points:
Parent ID: #14270 Points:
Reviewer: Sponsor: SponsorU

Description

In: https://bugzilla.mozilla.org/show_bug.cgi?id=892114 Mozilla implemented support for AF_UNIX sockets. We should look at the patch and estimate whether we need something more to implement support for it into Tor Browser.

Child Tickets

Change History (14)

comment:1 Changed 4 years ago by gk

Summary: Investigate missing Tor Browser patches to make SocksSocket option workInvestigate missing Tor Browser patches to make Unix Domain Socket option work

comment:2 Changed 4 years ago by gk

Owner: changed from gk to mikeperry
Status: newassigned

comment:3 Changed 4 years ago by brade

Cc: brade mcs added

comment:4 Changed 4 years ago by proper

Cc: whonix-devel@… added

comment:6 Changed 4 years ago by arthuredelstein

Cc: arthuredelstein added

comment:7 Changed 3 years ago by gk

Priority: MediumHigh
Sponsor: SponsorU

comment:8 Changed 3 years ago by gk

Keywords: TorBrowserTeam201608 added

Getting important SponsorU things on our August radar.

comment:9 Changed 3 years ago by gk

Severity: Normal

mcs/brade: Do you think you could look into whether we could just backport the relevant patches to ESR 45 (as far as I can see only the one in 1211567 is relevant, but maybe I am missing something)? That way we could get all the things for unix domain sockets landed for the next alpha and could start experimenting for realz.

comment:10 in reply to:  9 Changed 3 years ago by mcs

Replying to gk:

mcs/brade: Do you think you could look into whether we could just backport the relevant patches to ESR 45 (as far as I can see only the one in 1211567 is relevant, but maybe I am missing something)? That way we could get all the things for unix domain sockets landed for the next alpha and could start experimenting for realz.

Eventually we will want UI fixes as well (https://bugzilla.mozilla.org/show_bug.cgi?id=1294611) but backporting 1211567 seems to be sufficient to make things work on OSX (and presumably Linux as well).

In fact, we already backported this in order to test our #19733 patch. If I remember correctly, we did not need to make any changes to the patch. Here it is:
https://gitweb.torproject.org/user/brade/tor-browser.git/commit/?h=mozbug1211567-02&id=797ee78de0992d98e0a1239177bbb456dd3ec1e8

comment:11 Changed 3 years ago by gk

Keywords: TorBrowserTeam201608R added; TorBrowserTeam201608 removed
Status: assignedneeds_review

Yes, as soon as the UI fixes are made they are a good candidate for cherry-picking.

comment:12 Changed 3 years ago by mcs

Thinking about this some more, for the alpha I assume we want to use Unix domain sockets by default on Linux and OSX. That means we should change torrc-defaults to use a path for SocksPort and ControlPort. And then we will need to change the browser's network.proxy.socks pref value to match the SocksPort value. The pref value needs to be a file: URL and of course the SocksPort and ControlPort directives need to look like unix:/path/to/socket.

Do you want Kathy and me to create appropriate patches for tor-browser and builders/tor-browser-bundle?

Last edited 3 years ago by mcs (previous) (diff)

comment:13 in reply to:  12 ; Changed 3 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

Replying to mcs:

Thinking about this some more, for the alpha I assume we want to use Unix domain sockets by default on Linux and OSX. That means we should change torrc-defaults to use a path for SocksPort and ControlPort. And then we will need to change the browser's network.proxy.socks pref value to match the SocksPort value. The pref value needs to be a file: URL and of course the SocksPort and ControlPort directives need to look like unix:/path/to/socket.

Do you want Kathy and me to create appropriate patches for tor-browser and builders/tor-browser-bundle?

That would be neat. You could use #14270 for that or create a new child ticket of it for this task I guess.

FWIW the rebased Mozilla patch looks good to me. It is applied on tor-browser-45.3.0esr-6.5-1 (commit cde73b2295b75898ca435ed9f78541eccf6c34cb).

comment:14 in reply to:  13 Changed 3 years ago by mcs

Replying to gk:

Do you want Kathy and me to create appropriate patches for tor-browser and builders/tor-browser-bundle?

That would be neat. You could use #14270 for that or create a new child ticket of it for this task I guess.

I created a new ticket because we need to discuss some design issues: #20111.

Note: See TracTickets for help on using tickets.