Torbrowser 4.0.3 lacks required "user_pref" preferences of TorButton on fresh extension's installation.
This may be hard to reproduce but start tor browser with a blank profile, an EMPTY folder and run "firefox.exe -p" to create it, copying the "extensions" folder to that profile from the tor browser bundle "tor browser\data\browser\profile.default\extensions..." so that it adds https-everywhere, noscript, and torbutton back in the profile.
When torbutton installs itself, it doesn't add the following settings as user_pref's:
-
extensions.torbutton.socks_remote_dns [true/false]
-
extensions.torbutton.saved.socks_remote_dns [true/false]
-
extensions.torbutton.custom.socks_remote_dns [true/false]
-
extensions.torbutton.custom.socks_version ![4/5]
-
extensions.torbutton.socks_version", ![4/5]
- (extensions.torbutton.saved.socks_version does get installed)
I understand the reason these settings may not be there at first is because no one has configured torbutton to have any "custom" settings; however, when someone does specify custom custom proxies in tor button, they don't get put there at that time either.
These settings should be put in torbrowser when torbutton installs/reinstalls itself; they can even be left set as NULL until they are configured/used by tor button.
By not doing so, it can cause torbrowser (firefox.exe itself) to panic and have a hard time making connections in ssl, specifically https://addons.mozilla.org, and cause these SSL connections to time out. It will also cause connections in standard http to crawl while causing torbutton to not have control of the connection settings in tor browser without hitting "restore defaults" in torbutton.
As said, for testing, there are no other extensions than noscript,torbutton, and https-everywhere. Flash was set to "always ask" (thus diabling option in torbutton to 'disable Plugins') along with private mode (first option in torbutton preferences) NOT being enabled. Other than setting custom proxies in torbutton, not one other setting is changed from default in tor brower or tor button.
Torbutton settings are set to redundantly use either one of the five running tor NT services remotely over the lan on the domain controller, automatically load balanced by the domain contollers. Whether or not the client work stations utilize tor brower, they all use tor for tunneling recursive lookups to the root nameservers. Tor's dns server function are listening on port 153 and forwarded queries by the real dns server for the domain.
I understand this is not how people normally use tor browser, having a clean profile instead of using the one that comes with tor browser bundle and accessing tor's client services over the lan, not running tor.exe locally; however, this is for RFC whitepaper purposes for deploying tor browser over a domain. You always make it uniform for deployment to work in the scenarios you don't expect it to; I already have another ticket open for tor browser itself not wanting to parse windows variables, in order to deploy this over the windows domain.
So, all it takes for this bug is someone creating a new profile using torbrowser in their windows user profile (once we hopefully get the other bug fixed to allow the use of "%profile%" in the profiles.ini path) and our domain controller copying a $h/preferences/extension_overrides.js from our default skeleton (so that they will be able to use our tor services), along with the 3 default extensions to $h/extensions. Then, because preferences torbutton looks for to modify and then copy over to torbrowser's preferences are missing, those preferences of torbrowser don't get created and, thus, seem to cause torbrowser to have intermittent connection problems.
When first starting torbrowser and configuring it as described above (and attached below), it won't resolv dns. When you clear cache and restart it to try to remedy any issues with cache, it resolves dns but now takes a while, along with crawling connections, even when the connection is set in tor button/firefox OR the proxy server to bypass tor for that specific domain (i.e. lan web server).
Fixing this should be as simple as making tor button install the settings defined above and, as said, they can even be set to null or anything you like, just as long as they're there.
Trac:
Username: johnakabean