Opened 5 months ago

Closed 4 months ago

Last modified 3 months ago

#25089 closed defect (fixed)

Tor bundle: Special characters not escaped in proxy password

Reported by: ro0ter
Owned by: brade
Priority: Medium
Milestone:
Component: Applications/Tor Launcher
Version:
Severity: Major
Keywords: TorBrowserTeam201802R, tbb-backported
Cc: mcs
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

First of all, the proxy password (if any) is stored plain-text in the torrc file (\Browser\TorBrowser\Data\Tor\torrc)......

Using the pound character "#" inside the proxy password (line HTTPSProxyAuthenticator) will not save anything which is after the pound character (including the character). Some companies have a strict policy regarding passwords therefore it is required to use such characters (unfortunately I managed to get to this character as well, forced by the password expiry policy + old password policy).

This is also reproducible with version 7.5 (2018-01-23 build) of Tor bundle.

Currently I am unable to use Tor on my PC with my user+password.

Is there an easy fix? Are there some escape characters?

Change History (18)

comment:1 Changed 5 months ago by ro0ter

Component: - Select a component → Applications/Tor Browser
Owner: set to tbb-team

some log excerpt caused by wrong proxy password:

1/30/2018 15:26:35 PM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
1/30/2018 15:26:35 PM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
1/30/2018 15:26:35 PM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
1/30/2018 15:26:35 PM.700 [NOTICE] Opening Socks listener on xx.xx.xx.xx:xxx
1/30/2018 15:26:36 PM.600 [NOTICE] Bootstrapped 5%: Connecting to directory server
1/30/2018 15:26:36 PM.600 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
1/30/2018 15:26:36 PM.800 [WARN] The https proxy sent back an unexpected status code 407 ("Proxy Authentication Required"). Closing.
1/30/2018 15:26:36 PM.800 [WARN] Proxy Client: unable to connect to xx.xx.xx.xx:xxx
1/30/2018 15:26:37 PM.600 [WARN] The https proxy sent back an unexpected status code 407 ("Proxy Authentication Required"). Closing.
1/30/2018 15:26:37 PM.600 [WARN] Proxy Client: unable to connect to xx.xx.xx.xx:xxx
1/30/2018 15:26:37 PM.700 [WARN] The https proxy sent back an unexpected status code 407 ("Proxy Authentication Required"). Closing.

[ ... ]

1/30/2018 15:27:36 PM.900 [WARN] Proxy Client: unable to connect to xx.xx.xx.xx:xxx
1/30/2018 15:27:46 PM.900 [WARN] The https proxy sent back an unexpected status code 407 ("Proxy Authentication Required"). Closing.
1/30/2018 15:27:46 PM.900 [WARN] Proxy Client: unable to connect to xx.xx.xx.xx:xxx

comment:2 Changed 5 months ago by gk

Status: new → needs_information

How are you configuring the proxy? Are you changing the torrc file directly? I am asking as Tor Browser lets you configure your HTTP proxy directly during start-up.

comment:3 Changed 5 months ago by ro0ter

I am using the start-up dialog.

I also tried changing the torrc file directly, but after startup and editing configuration, the password gets truncated in the same place..

For instance, authentication "usr:!2#pas$word" becomes "usr:!2".......

comment:4 Changed 5 months ago by ro0ter

really, just do this test:

  1. start tor, click cancel in the initial dialog (be fast if you have direct connection)
  2. click configure, type some ip/port for the proxy and add a user and a password (the password must contain the pound/hashtag character)
  3. save the proxy settings by allowing it to connect again
  4. close tor
  5. inspect the configuration file.......

comment:5 Changed 5 months ago by gk

Cc: mcs brade added
Component: Applications/Tor Browser → Core Tor/Tor
Status: needs_information → new

If you look at the torrc spec (https://gitweb.torproject.org/tor.git/tree/doc/torrc_format.txt) then you'll see that # is only used for comments right now. So, this seems to be a Tor core bug.

comment:6 Changed 5 months ago by ro0ter

Please classify this defect as required.

Looking forward to its fix...

Thank you!

NOTE: it would be nice if neither the user nor the password are stored in clear text... Hint: xtea?

Last edited 5 months ago by ro0ter

comment:7 Changed 5 months ago by mcs

R.e. how to handle the '#' character, here is a question for the network team: how should Tor Launcher encode '#' characters when it issues a SETCONF command? Maybe \23 or enclose the value in double quotes?

comment:8 Changed 5 months ago by teor

Using a QuotedString:
https://gitweb.torproject.org/torspec.git/tree/control-spec.txt#n90

If "#" doesn't work, let us know, we might have a bug.

comment:9 Changed 5 months ago by gk

Component: Core Tor/Tor → Applications/Tor Launcher

Looking at

const kSafeCharRE = /^[\x21\x23-\x7E]*$/;

in _strEscape() we should try to see if that's a TorLauncher bug first, I guess.

comment:10 Changed 5 months ago by gk

Cc: brade removed
Owner: changed from tbb-team to brade
Status: newassigned

comment:11 Changed 5 months ago by mcs

Keywords: TorBrowserTeam201802R added
Status: assigned → needs_review

Here is a fix:
https://gitweb.torproject.org/user/brade/tor-launcher.git/commit/?h=bug25089-01&id=fa8590a497b492f6da62bbf7009735a17e17ec21

ro0ter, you can work around this bug by editing the torrc file that is part of your Tor Browser installation. You will want to ensure that your torrc includes lines that look like the following:

HTTPSProxy 1.2.3.4:80
HTTPSProxyAuthenticator "mcs:secret#1"

The HTTPSProxy value should be host:port and the value for HTTPSProxyAuthenticator should be "username:password".

Note that if you later use our GUI to make changes, your manual changes will be overwritten.

comment:12 Changed 4 months ago by gk

Resolution: fixed
Status: needs_review → closed

Thanks. Merge to master (commit fa8590a497b492f6da62bbf7009735a17e17ec21). I think the change is small enough that we'll include it directly in the next stable as well.

comment:13 Changed 4 months ago by ro0ter

mcs, I can't make it work since the tor launcher detects my change and does not agree... I'd rather not attach a screenshot, not useful, but here's the text:

:: Connect to Tor ::
Tor|Browser

You have configured Tor bridges or you have entered local proxy settings. To make a direct connection to the Tor network, these settings must be removed.

[ < Back ] [ Remove Settings and Connect ]

For assistance, visit torproject.org/about/contact.html#support


[ Exit ]

comment:14 Changed 4 months ago by ro0ter

One more question: what about password containing both double quotes and pound?

comment:15 in reply to:  13 Changed 4 months ago by mcs

Replying to ro0ter:

mcs, I can't make it work since the tor launcher detects my change and does not agree... I'd rather not attach a screenshot, not useful, but here's the text:
...

I forgot that you will be prompted (since you have not previously connected). To avoid the prompt, set extensions.torlauncher.prompt_at_startup to false by ensuring that the following line is present in your prefs.js file:

user_pref("extensions.torlauncher.prompt_at_startup", false);

The prefs.js file is located in your browser profile. The path is Browser\TorBrowser\Data\Browser\profile.default\prefs.js.

Replying to ro0ter:

One more question: what about password containing both double quotes and pound?

Our code already knew how to escape double quotes. You can use \" to include them in your torrc, e.g.,

HTTPSProxyAuthenticator "mcs:secret\"quote\"#1"
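
The truncation reported in comment:3 and the quoted form shown in comment:15, as an added example that is not part of the ticket or of Tor Launcher's code. The first regular expression is the one quoted in comment:9; the stricter `SAFE_WITHOUT_HASH` class, the function names and the simplified line reader are assumptions made for illustration.

```javascript
// Added example; not Tor Launcher or tor source code.
// Safe set quoted in comment:9: printable ASCII minus space and '"'. '#' (0x23) is in it.
const SAFE_WITH_HASH = /^[\x21\x23-\x7E]*$/;
// Assumed stricter set for illustration: '#' is no longer treated as safe.
const SAFE_WITHOUT_HASH = /^[\x21\x24-\x7E]*$/;

// Emit the value bare when every character is "safe", else as a
// double-quoted string with backslash escapes.
function escapeValue(value, safeRE) {
  if (safeRE.test(value)) return value;
  const named = { '\n': '\\n', '\r': '\\r', '\t': '\\t' };
  let out = '"';
  for (const ch of value) {
    if (ch === '"' || ch === '\\') out += '\\' + ch;
    else out += named[ch] || ch;
  }
  return out + '"';
}

// Simplified model of reading one "Keyword value" config line:
// outside double quotes, '#' starts a comment.
function readValue(line) {
  const rest = line.slice(line.indexOf(' ') + 1).trim();
  if (!rest.startsWith('"')) {
    const hash = rest.indexOf('#');
    return (hash === -1 ? rest : rest.slice(0, hash)).trim();
  }
  const unnamed = { n: '\n', r: '\r', t: '\t' };
  let out = '';
  for (let i = 1; i < rest.length; i++) {
    if (rest[i] === '"') return out; // closing quote ends the value
    if (rest[i] === '\\' && i + 1 < rest.length) {
      const next = rest[++i];
      out += unnamed[next] || next;
    } else {
      out += rest[i];
    }
  }
  throw new Error('unterminated quoted value');
}

// What the reader ends up with after the writer has escaped the value.
function roundTrip(value, safeRE) {
  return readValue('HTTPSProxyAuthenticator ' + escapeValue(value, safeRE));
}

// Constructed sample: the authenticator string from comment:3.
console.log(roundTrip('usr:!2#pas$word', SAFE_WITH_HASH));
console.log(roundTrip('usr:!2#pas$word', SAFE_WITHOUT_HASH));
```
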

comment:16 Changed 4 months ago by ro0ter

The extensions.torlauncher.prompt_at_startup inside the prefs.js file is what I was missing, thank you mcs :)

I hereby validate the fix as well, now I won't have to ask colleagues for their proxy usr/pwd anymore :)

Good work! Thank you very much!

comment:17 Changed 4 months ago by gk

Keywords: tbb-backport added

comment:18 Changed 3 months ago by gk

Keywords: tbb-backported added; tbb-backport removed

That's commit fa8590a497b492f6da62bbf7009735a17e17ec21 on maint-0.2.14 and will be available in 7.5.1.

Last edited 3 months ago by gk