Opened 3 years ago

Closed 3 years ago

#21326 closed defect (fixed)

Sec. "Using a system-installed Tor process with Tor Browser" in start-tor-browser needs update

Reported by: cypherpunks Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: TorBrowserTeam201701R
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Starting from TBB 6.5 the Sec. "Using a system-installed Tor process with Tor Browser" in start-tor-browser script is no longer valid. The old recommendations were:

# SETTING NAME VALUE
# extensions.torbutton.banned_ports [...],<SocksPort>,<ControlPort>
# extensions.torbutton.block_disk false
# extensions.torbutton.custom.socks_host 127.0.0.1
# extensions.torbutton.custom.socks_port <SocksPort>
# extensions.torbutton.inserted_button true
# extensions.torbutton.launch_warning false
# extensions.torbutton.loglevel 2
# extensions.torbutton.logmethod 0
# extensions.torbutton.settings_method custom
# extensions.torbutton.socks_port <SocksPort>
# extensions.torbutton.use_privoxy false
# extensions.torlauncher.control_port <ControlPort>
# extensions.torlauncher.loglevel 2
# extensions.torlauncher.logmethod 0
# extensions.torlauncher.prompt_at_startup false
# extensions.torlauncher.start_tor false

I cannot comment on torlauncher options, because I don't use tor launcher. As concerns torbutton options:

Instead of extensions.torbutton.banned_ports we now have option network.security.ports.banned. Isn't it? If yes, we should replace.

Option extensions.torbutton.block_disk is absent in about:config.

Instead of old 6 options:
extensions.torbutton.custom.socks_host
extensions.torbutton.custom.socks_port
extensions.torbutton.socks_host
extensions.torbutton.socks_port
network.proxy.socks
network.proxy.socks_port
which had to be adjusted accordingly, now we have only network.proxy.socks and network.proxy.socks_port in about:config. So, these options should be used instead of options extensions.torbutton.custom.socks_host, extensions.torbutton.custom.socks_port, and extensions.torbutton.socks_port in start-tor-browser script.

Option extensions.torbutton.settings_method is absent in about:config, it seems to be not necessary anymore.

Option extensions.torbutton.use_privoxy is absent in about:config.

Somebody should check new configuration and these my suggestions.

If somebody is managing TBB with system-installed Tor without TBB access to ControlPort (Tor chains must be restarted manually when needed), now the configuration is pretty simple:

  1. Remove tor-launcher@torproject.org.xpi file.
  2. Start TBB: $ cd tor-browser_en-US/Browser ; ./start-tor-browser --debug
  3. Go to Edit -> Preferences -> Advanced -> Network. Change host and port for SOCKS proxy (if needed).
  4. Disable automatic updates in Edit -> Preferences -> Advanced -> Updates (if you check PGP signatures and update TBB manually).

Child Tickets

Change History (4)

comment:1 in reply to:  description Changed 3 years ago by mcs

Replying to cypherpunks:

Somebody should check new configuration and these my suggestions.

Thanks. I think what you suggested is correct. I will post a patch in a few minutes.

If somebody is managing TBB with system-installed Tor without TBB access to ControlPort (Tor chains must be restarted manually when needed), now the configuration is pretty simple:

  1. Remove tor-launcher@torproject.org.xpi file.
  2. Start TBB: $ cd tor-browser_en-US/Browser ; ./start-tor-browser --debug
  3. Go to Edit -> Preferences -> Advanced -> Network. Change host and port for SOCKS proxy (if needed).
  4. Disable automatic updates in Edit -> Preferences -> Advanced -> Updates (if you check PGP signatures and update TBB manually).

I recommend that you not remove Tor Launcher; just disable it in the Add-ons Manager or add TOR_SKIP_LAUNCH=1 to the environment before starting Tor Browser (that way incremental automatic updates can be used if desired).

comment:2 Changed 3 years ago by mcs

Keywords: TorBrowserTeam201701R added; start-tor-browser removed
Status: newneeds_review

comment:3 Changed 3 years ago by cypherpunks

And here is a patch for start-tor-browser

Thanks! It looks good.

I recommend that you not remove Tor Launcher; just disable it in the Add-ons Manager or add TOR_SKIP_LAUNCH=1 to the environment before starting Tor Browser (that way incremental automatic updates can be used if desired).

Browser is not started if I do just this:

$ cd /path/to/tor-browser_en-US/Browser
$ TOR_SKIP_LAUNCH=1 ./start-tor-browser --debug

To get it started I need at least one extra option:

$ TOR_SKIP_LAUNCH=1 TOR_SKIP_CONTROLPORTTEST=1 ./start-tor-browser --debug

then disable tor-launcher add-on and fix proxy settings. However, even after this fix tor-browser continues to send packets to 127.0.0.1:9151 at each restart (option TOR_SKIP_CONTROLPORTTEST doesn't prevent it). That's minor thing, but it adds garbage to logfiles of my firewall.

Version 0, edited 3 years ago by cypherpunks (next)

comment:4 Changed 3 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

Applied to master, maint-6.5, and hardened-builds (commits 57fed3156c39a29d742a4f9a535edcea2cb733e0, a02be8d3897859489daaf07679f25088857d5bdb, and 46d7d6b7da4457bb60e2c69ddb79b5d17fa95ba1), thanks.

Note: See TracTickets for help on using tickets.