January 2024 - tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][tor-browser-115.6.0esr-13.0-1] fixup! Bug 40458: Implement .tor.onion aliases
by ma1 (＠ma1) 08 Jan '24

08 Jan '24

ma1 pushed to branch tor-browser-115.6.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: e4373331 by hackademix at 2024-01-08T20:09:08+01:00 fixup! Bug 40458: Implement .tor.onion aliases Bug 42099: Blind cross-site .onion requests. - - - - - 3 changed files: - browser/components/onionservices/OnionAliasStore.jsm - + browser/components/onionservices/TorRequestWatch.sys.mjs - browser/components/onionservices/moz.build Changes: ===================================== browser/components/onionservices/OnionAliasStore.jsm ===================================== @@ -12,11 +12,10 @@ const { ConsoleAPI } = ChromeUtils.import("resource://gre/modules/Console.jsm"); const lazy = {}; -ChromeUtils.defineModuleGetter( - lazy, - "JSONFile", - "resource://gre/modules/JSONFile.jsm" -); +ChromeUtils.defineESModuleGetters(lazy, { + JSONFile: "resource://gre/modules/JSONFile.sys.mjs", + TorRequestWatch: "resource:///modules/TorRequestWatch.sys.mjs", +}); /* OnionAliasStore observer topics */ const OnionAliasStoreTopics = Object.freeze({ @@ -281,6 +280,7 @@ class _OnionAliasStore { } async init() { + lazy.TorRequestWatch.start(); await this._loadSettings(); if (this.enabled) { await this._startUpdates(); @@ -295,6 +295,7 @@ class _OnionAliasStore { } this._rulesetTimeout = null; Services.prefs.removeObserver(kPrefOnionAliasEnabled, this); + lazy.TorRequestWatch.stop(); } async getChannels() { ===================================== browser/components/onionservices/TorRequestWatch.sys.mjs ===================================== @@ -0,0 +1,124 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * This module implements Tor-specific Web Request policies, such as + * preventing observable cross-site requests to .tor.onion and .bit.onion sites. + */ + +import { ConsoleAPI } from "resource://gre/modules/Console.sys.mjs"; + +const log = new ConsoleAPI({ + maxLogLevel: "warn", + maxLogLevelPref: "browser.torRequestWatch.log_level", + prefix: "TorRequestWatch", +}); + +class RequestObserver { + static #topics = [ + "http-on-modify-request", + "http-on-examine-response", + "http-on-examine-cached-response", + "http-on-examine-merged-response", + ]; + #asObserver(addOrRemove) { + const action = Services.obs[`${addOrRemove}Observer`].bind(Services.obs); + for (const topic of RequestObserver.#topics) { + action(this, topic); + } + } + + start() { + this.#asObserver("add"); + log.debug("Started"); + } + stop() { + this.#asObserver("remove"); + log.debug("Stopped"); + } + + // nsIObserver implementation + observe(subject, topic, data) { + try { + let channel = ChannelWrapper.get( + subject.QueryInterface(Ci.nsIHttpChannel) + ); + switch (topic) { + case "http-on-modify-request": + this.onRequest(channel); + break; + case "http-on-examine-cached-response": + case "http-on-examine-merged-response": + channel.isCached = true; + // falls through + case "http-on-examine-response": + this.onResponse(channel); + break; + } + } catch (e) { + log.error(e); + } + } + + onRequest(channel) { + if (this.shouldBlind(channel, channel.documentURL)) { + log.warn(`Blocking cross-site ${channel.finalURL} ${channel.type} load.`); + channel.cancel(Cr.NS_ERROR_ABORT); + } + } + onResponse(channel) { + if (!channel.documentURL && this.shouldBlind(channel, channel.originURL)) { + const COOP = "cross-origin-opener-policy"; + // we break window.opener references if needed to mitigate XS-Leaks + for (let h of channel.getResponseHeaders()) { + if (h.name.toLowerCase() === COOP && h.value === "same-origin") { + log.debug(`${COOP} is already same-origin, nothing to do.`); + return; + } + } + log.warn(`Blinding cross-site ${channel.finalURL} load.`); + channel.setResponseHeader(COOP, "same-origin-allow-popups"); + } + } + + isCrossOrigin(url1, url2) { + return new URL(url1).origin !== new URL(url2).origin; + } + shouldBlindCrossOrigin(uri) { + try { + let { host } = uri; + if (host.endsWith(".onion")) { + const previousPart = host.slice(-10, -6); + return ( + previousPart && (previousPart === ".tor" || previousPart === ".bit") + ); + } + } catch (e) { + // no host + } + return false; + } + shouldBlind(channel, sourceURL) { + return ( + sourceURL && + this.shouldBlindCrossOrigin(channel.finalURI) && + this.isCrossOrigin(channel.finalURL, sourceURL) + ); + } +} + +let observer; +export const TorRequestWatch = { + start() { + if (!observer) { + (observer = new RequestObserver()).start(); + } + }, + stop() { + if (observer) { + observer.stop(); + observer = null; + } + }, +}; ===================================== browser/components/onionservices/moz.build ===================================== @@ -4,4 +4,5 @@ EXTRA_JS_MODULES += [ "OnionAliasStore.jsm", "OnionLocationChild.jsm", "OnionLocationParent.jsm", + "TorRequestWatch.sys.mjs", ] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e437333… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e437333… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.0-1] fixup! Modify add-on support
by ma1 (＠ma1) 08 Jan '24

08 Jan '24

ma1 pushed to branch firefox-android-115.2.1-13.0-1 at The Tor Project / Applications / firefox-android Commits: cb98e7b2 by hackademix at 2024-01-08T19:54:56+01:00 fixup! Modify add-on support Bug 42353: Fix NoScript automatic updates. - - - - - 1 changed file: - fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt ===================================== @@ -136,37 +136,37 @@ object TorBrowserFeatures { } /** - * If we have not done it yet, enable automatic updates for NoScript and force a + * Enable automatic updates for NoScript and, if we've not done it yet, force a * one-time immediate update check, in order to upgrade old profiles and ensure we've got * the latest stable AMO version available on first startup. * We will do it as soon as the Tor is connected, to prevent early addonUpdater activation * causing automatic update checks failures (components.addonUpdater being a lazy prop). * The extension, from then on, should behave as if the user had installed it manually. */ - if (settings.noscriptUpdated == 0) { - context.components.torController.registerTorListener(object : TorEvents { - override fun onTorConnected() { - context.components.torController.unregisterTorListener(this) - // Enable automatic updates - context.components.addonUpdater.registerForFutureUpdates(NOSCRIPT_ID) - // Force an immediate update check + context.components.torController.registerTorListener(object : TorEvents { + override fun onTorConnected() { + context.components.torController.unregisterTorListener(this) + // Enable automatic updates. This must be done on every startup (tor-browser#42353) + context.components.addonUpdater.registerForFutureUpdates(NOSCRIPT_ID) + // Force a one-time immediate update check for older installations + if (settings.noscriptUpdated < 2) { context.components.addonUpdater.update(NOSCRIPT_ID) - settings.noscriptUpdated = 1 + settings.noscriptUpdated = 2 } + } - @SuppressWarnings("EmptyFunctionBlock") - override fun onTorConnecting() { - } + @SuppressWarnings("EmptyFunctionBlock") + override fun onTorConnecting() { + } - @SuppressWarnings("EmptyFunctionBlock") - override fun onTorStopped() { - } + @SuppressWarnings("EmptyFunctionBlock") + override fun onTorStopped() { + } - @SuppressWarnings("EmptyFunctionBlock") - override fun onTorStatusUpdate(entry: String?, status: String?) { - } - }) - } + @SuppressWarnings("EmptyFunctionBlock") + override fun onTorStatusUpdate(entry: String?, status: String?) { + } + }) } View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/cb9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/cb9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 42343 (TB): Pass pt_config.json to the browser
by Pier Angelo Vendrame (＠pierov) 08 Jan '24

08 Jan '24

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 1c1deba7 by Pier Angelo Vendrame at 2024-01-08T14:42:54+01:00 Bug 42343 (TB): Pass pt_config.json to the browser We modified TorSettings to handle pt_config.json, so we do not need to convert it to pref lines anymore, but we need to inject the updated file to omni.ja. - - - - - 2 changed files: - projects/browser/build - projects/browser/build.android Changes: ===================================== projects/browser/build ===================================== @@ -257,26 +257,6 @@ done echo "${line/\$\{pt_path\}/${PT_PATH}}" >> "$TORRC_DEFAULTS" done done - - # Write Default Bridge Prefs - echo "# Tor Launcher preferences (default bridges):" >> "$GENERATEDPREFSPATH" - RECOMMMENDED_DEFAULT=$(jq -r .recommendedDefault "${PT_CONFIG}") - echo "pref(\"extensions.torlauncher.default_bridge_recommended_type\", \"${RECOMMMENDED_DEFAULT}\");" >> "$GENERATEDPREFSPATH" - - # Writes bridge-line prefs for a given bridge type - function bridges_conf { - local bridge_type="$1" - local i=1 - jq -r ".bridges.\"$bridge_type\" | .[]" "${PT_CONFIG}" | while read -r line; do - echo "pref(\"extensions.torlauncher.default_bridge.$bridge_type.$i\", \"$line\");" >> "$GENERATEDPREFSPATH" - i=$((i + 1)) - done - } - - # Iterate over our bridge types and write default bridgelines for each - for bridge_type in $(jq -r ".bridges | keys[]" "${PT_CONFIG}"); do - bridges_conf $bridge_type - done [% END -%] [% IF c("var/linux") && c("var/tor-browser") %] @@ -293,8 +273,17 @@ PKG_DIR='[% c("var/project-name") %]' for tbdir in "${TBDIRS[@]}" do - tbdir="$tbdir[% IF c('var/macos') %]/Contents/Resources[% END %]/browser/" - pushd "$tbdir" + tbdir="$tbdir[% IF c('var/macos') %]/Contents/Resources[% END %]/" + [% IF c("var/tor-browser") -%] + pushd "$rootdir" + pt_config_dir=chrome/toolkit/content/global + mkdir -p "$pt_config_dir" + cp "pt_config.json" "$pt_config_dir/" + zip -Xm "$tbdir/omni.ja" "$pt_config_dir/pt_config.json" + rm -rf chrome + popd + [% END -%] + pushd "$tbdir/browser" unzip omni.ja defaults/preferences/[% c("var/prefs_file") %] || [ $? -lt 3 ] # Append our built extension-overrides.js to the preferences file cat "$GENERATEDPREFSPATH" >> defaults/preferences/[% c("var/prefs_file") %] ===================================== projects/browser/build.android ===================================== @@ -14,7 +14,7 @@ sorted_baseline_apk=$(basename $apk .apk)_sorted_baseline.apk $rootdir/sort-baseline.py --apk $apk $sorted_baseline_apk mv $sorted_baseline_apk $apk -# Bundle our extensioni(s). +# Bundle our extension(s). # NoScript will be copied over to the profile folder # as a "regular" browser extension receiving regular AMO updates. noscript_path="$ext_dir/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi" @@ -23,6 +23,21 @@ mkdir -p /var/tmp/build/$ext_dir [% dest_dir _ '/' _ c('filename') %] cd /var/tmp/build mv $rootdir/[% c('input_files_by_name/noscript') %] "$noscript_path" +[%IF c("var/tor-browser") -%] + unzip -j "$apk" assets/omni.ja + tar -xaf "$rootdir/[% c("input_files_by_name/tor-expert-bundle") %]" tor/pluggable_transports/pt_config.json + mkdir omni + pushd omni + unzip ../omni.ja + cp ../tor/pluggable_transports/pt_config.json chrome/toolkit/content/global/pt_config.json + [% c('zip', { + zip_src => [ '.' ], + zip_args => '../assets/omni.ja', + }) %] + popd +[% END -%] + + [% IF c("var/verify_allowed_addons") %] # Check that allowed_addons.json contains the right versions of our bundled extension(s). # If so, replace the default allowed_addons.json by ours in the apk assets folder. @@ -32,9 +47,9 @@ mv $rootdir/[% c('input_files_by_name/noscript') %] "$noscript_path" mv $rootdir/allowed_addons.json $assets_dir/allowed_addons.json [% c('zip', { - zip_src => [ '$assets_dir' ], - zip_args => '$apk', - }) %] + zip_src => [ '$assets_dir' ], + zip_args => '$apk', + }) %] aligned_apk=$(basename $apk .apk)_aligned.apk zipalign -vp 4 $apk $aligned_apk View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.6.0esr-13.5-1] 8 commits: fixup! Bug 40597: Implement TorSettings module
by Pier Angelo Vendrame (＠pierov) 08 Jan '24

08 Jan '24

Pier Angelo Vendrame pushed to branch tor-browser-115.6.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: be025b30 by Pier Angelo Vendrame at 2024-01-08T14:38:58+01:00 fixup! Bug 40597: Implement TorSettings module Convert TorSettings to an ES class. - - - - - 440a0aae by Pier Angelo Vendrame at 2024-01-08T14:39:01+01:00 fixup! Bug 40597: Implement TorSettings module Replace _ with # for private stuff in TorSettings. - - - - - 08bc6b26 by Pier Angelo Vendrame at 2024-01-08T14:39:01+01:00 fixup! Bug 40597: Implement TorSettings module Bug 42343: Read built-in bridges from pt_config.json instead of preferences. - - - - - 28351513 by Pier Angelo Vendrame at 2024-01-08T14:39:02+01:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42343: Read built-in bridges from pt_config.json instead of preferences. Update the way in which we query the PTs we have bundled bridge lines for. - - - - - 6e7488b0 by Pier Angelo Vendrame at 2024-01-08T14:39:02+01:00 fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Bug 42343: Read built-in bridges from pt_config.json instead of preferences. Remove some preferences we do not use anymore and their documentation. - - - - - 8da34d3a by Pier Angelo Vendrame at 2024-01-08T14:39:02+01:00 fixup! Bug 41089: Add tor-browser build scripts + Makefile to tor-browser Bug 42343: Read built-in bridges from pt_config.json instead of preferences. Do not copy the bridges anymore when doing the deploy. - - - - - 51e8c714 by Pier Angelo Vendrame at 2024-01-08T14:39:03+01:00 fixup! Bug 40597: Implement TorSettings module Added checks on TorSettings.initialized, and some documentation improvements. - - - - - 7272b554 by Pier Angelo Vendrame at 2024-01-08T14:39:03+01:00 fixup! Bug 40597: Implement TorSettings module Batch of changes requested in the MR. - - - - - 9 changed files: - browser/app/profile/000-tor-browser.js - browser/components/torpreferences/content/builtinBridgeDialog.mjs - browser/components/torpreferences/content/connectionPane.js - toolkit/content/jar.mn - + toolkit/content/pt_config.json - toolkit/modules/TorConnect.sys.mjs - toolkit/modules/TorSettings.sys.mjs - − tools/torbrowser/bridges.js - tools/torbrowser/deploy.sh Changes: ===================================== browser/app/profile/000-tor-browser.js ===================================== @@ -69,7 +69,6 @@ pref("extensions.torbutton.pref_fixup_version", 0); pref("extensions.torlauncher.start_tor", true); pref("extensions.torlauncher.prompt_at_startup", true); -pref("extensions.torlauncher.quickstart", false); pref("extensions.torlauncher.max_tor_log_entries", 1000); @@ -113,11 +112,3 @@ pref("extensions.torlauncher.tordatadir_path", ""); pref("extensions.torlauncher.bridgedb_front", "foursquare.com"); pref("extensions.torlauncher.bridgedb_reflector", "https://moat.torproject.org.global.prod.fastly.net/"); pref("extensions.torlauncher.moat_service", "https://bridges.torproject.org/moat"); -pref("extensions.torlauncher.bridgedb_bridge_type", "obfs4"); - -// Recommended default bridge type. -// pref("extensions.torlauncher.default_bridge_recommended_type", "obfs3"); - -// Default bridges. -// pref("extensions.torlauncher.default_bridge.TYPE.1", "TYPE x.x.x.x:yy"); -// pref("extensions.torlauncher.default_bridge.TYPE.2", "TYPE x.x.x.x:yy"); ===================================== browser/components/torpreferences/content/builtinBridgeDialog.mjs ===================================== @@ -3,7 +3,6 @@ import { TorStrings } from "resource://gre/modules/TorStrings.sys.mjs"; import { TorSettings, TorBridgeSource, - TorBuiltinBridgeTypes, } from "resource://gre/modules/TorSettings.sys.mjs"; import { @@ -62,7 +61,7 @@ export class BuiltinBridgeDialog { )) { const radio = optionEl.querySelector("radio"); const type = radio.value; - optionEl.hidden = !TorBuiltinBridgeTypes.includes(type); + optionEl.hidden = !TorSettings.builtinBridgeTypes.includes(type); radio.label = typeStrings[type].label; optionEl.querySelector( ".builtin-bridges-option-description" ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -867,7 +867,7 @@ const gConnectionPane = (function () { }, init() { - this._populateXUL(); + TorSettings.initializedPromise.then(() => this._populateXUL()); const onUnload = () => { window.removeEventListener("unload", onUnload); ===================================== toolkit/content/jar.mn ===================================== @@ -137,3 +137,5 @@ toolkit.jar: # Third party files content/global/third_party/d3/d3.js (/third_party/js/d3/d3.js) content/global/third_party/cfworker/json-schema.js (/third_party/js/cfworker/json-schema.js) + + content/global/pt_config.json (pt_config.json) ===================================== toolkit/content/pt_config.json ===================================== @@ -0,0 +1,32 @@ +{ + "_comment": "Used for dev build, replaced for release builds in tor-browser-build. This file is copied from tor-browser-build cb513eec:tor-expert-bundle/pt_config.json", + "recommendedDefault" : "obfs4", + "pluggableTransports" : { + "lyrebird" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ${pt_path}lyrebird${pt_extension}", + "snowflake" : "ClientTransportPlugin snowflake exec ${pt_path}snowflake-client${pt_extension}", + "webtunnel" : "ClientTransportPlugin webtunnel exec ${pt_path}webtunnel-client${pt_extension}", + "conjure" : "ClientTransportPlugin conjure exec ${pt_path}conjure-client${pt_extension} -registerURL https://registration.refraction.network/api" + }, + "bridges" : { + "meek-azure" : [ + "meek_lite 192.0.2.18:80 BE776A53492E1E044A26F17306E1BC46A55A1625 url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com" + ], + "obfs4" : [ + "obfs4 192.95.36.142:443 CDF2E852BF539B82BD10E27E9115A31734E378C2 cert=qUVQ0srL1JI/vO6V6m/24anYXiJD3QP2HgzUKQtQ7GRqqUvs7P+tG43RtAqdhLOALP7DJQ iat-mode=1", + "obfs4 37.218.245.14:38224 D9A82D2F9C2F65A18407B1D2B764F130847F8B5D cert=bjRaMrr1BRiAW8IE9U5z27fQaYgOhX1UCmOpg2pFpoMvo6ZgQMzLsaTzzQNTlm7hNcb+Sg iat-mode=0", + "obfs4 85.31.186.98:443 011F2599C0E9B27EE74B353155E244813763C3E5 cert=ayq0XzCwhpdysn5o0EyDUbmSOx3X/oTEbzDMvczHOdBJKlvIdHHLJGkZARtT4dcBFArPPg iat-mode=0", + "obfs4 85.31.186.26:443 91A6354697E6B02A386312F68D82CF86824D3606 cert=PBwr+S8JTVZo6MPdHnkTwXJPILWADLqfMGoVvhZClMq/Urndyd42BwX9YFJHZnBB3H0XCw iat-mode=0", + "obfs4 193.11.166.194:27015 2D82C2E354D531A68469ADF7F878FA6060C6BACA cert=4TLQPJrTSaDffMK7Nbao6LC7G9OW/NHkUwIdjLSS3KYf0Nv4/nQiiI8dY2TcsQx01NniOg iat-mode=0", + "obfs4 193.11.166.194:27020 86AC7B8D430DAC4117E9F42C9EAED18133863AAF cert=0LDeJH4JzMDtkJJrFphJCiPqKx7loozKN7VNfuukMGfHO0Z8OGdzHVkhVAOfo1mUdv9cMg iat-mode=0", + "obfs4 193.11.166.194:27025 1AE2C08904527FEA90C4C4F8C1083EA59FBC6FAF cert=ItvYZzW5tn6v3G4UnQa6Qz04Npro6e81AP70YujmK/KXwDFPTs3aHXcHp4n8Vt6w/bv8cA iat-mode=0", + "obfs4 209.148.46.65:443 74FAD13168806246602538555B5521A0383A1875 cert=ssH+9rP8dG2NLDN2XuFw63hIO/9MNNinLmxQDpVa+7kTOa9/m+tGWT1SmSYpQ9uTBGa6Hw iat-mode=0", + "obfs4 146.57.248.225:22 10A6CD36A537FCE513A322361547444B393989F0 cert=K1gDtDAIcUfeLqbstggjIw2rtgIKqdIhUlHp82XRqNSq/mtAjp1BIC9vHKJ2FAEpGssTPw iat-mode=0", + "obfs4 45.145.95.6:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0", + "obfs4 51.222.13.177:80 5EDAC3B810E12B01F6FD8050D2FD3E277B289A08 cert=2uplIpLQ0q9+0qMFrK5pkaYRDOe460LL9WHBvatgkuRr/SL31wBOEupaMMJ6koRE6Ld0ew iat-mode=0" + ], + "snowflake" : [ + "snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn", + "snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=foursquare.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn" + ] + } +} ===================================== toolkit/modules/TorConnect.sys.mjs ===================================== @@ -23,7 +23,6 @@ import { TorLauncherUtil } from "resource://gre/modules/TorLauncherUtil.sys.mjs" import { TorSettings, TorSettingsTopics, - TorBuiltinBridgeTypes, } from "resource://gre/modules/TorSettings.sys.mjs"; import { TorStrings } from "resource://gre/modules/TorStrings.sys.mjs"; @@ -609,7 +608,7 @@ export const TorConnect = (() => { } const settings = await this.mrpc.circumvention_settings( - [...TorBuiltinBridgeTypes, "vanilla"], + [...TorSettings.builtinBridgeTypes, "vanilla"], countryCode ); @@ -625,7 +624,7 @@ export const TorConnect = (() => { } else { try { this.settings = await this.mrpc.circumvention_defaults([ - ...TorBuiltinBridgeTypes, + ...TorSettings.builtinBridgeTypes, "vanilla", ]); } catch (err) { ===================================== toolkit/modules/TorSettings.sys.mjs ===================================== @@ -67,16 +67,6 @@ const TorSettingsPrefs = Object.freeze({ }, }); -/* Legacy tor-launcher prefs and pref branches*/ -const TorLauncherPrefs = Object.freeze({ - quickstart: "extensions.torlauncher.quickstart", - default_bridge_type: "extensions.torlauncher.default_bridge_type", - default_bridge: "extensions.torlauncher.default_bridge.", - default_bridge_recommended_type: - "extensions.torlauncher.default_bridge_recommended_type", - bridgedb_bridge: "extensions.torlauncher.bridgedb_bridge.", -}); - /* Config Keys used to configure tor daemon */ const TorConfigKeys = Object.freeze({ useBridges: "UseBridges", @@ -105,101 +95,41 @@ export const TorProxyType = Object.freeze({ HTTPS: 2, }); -export const TorBuiltinBridgeTypes = Object.freeze( - (() => { - const bridgeListBranch = Services.prefs.getBranch( - TorLauncherPrefs.default_bridge - ); - const bridgePrefs = bridgeListBranch.getChildList(""); - - // an unordered set for shoving bridge types into - const bridgeTypes = new Set(); - // look for keys ending in ".N" and treat string before that as the bridge type - const pattern = /\.[0-9]+$/; - for (const key of bridgePrefs) { - const offset = key.search(pattern); - if (offset != -1) { - const bt = key.substring(0, offset); - bridgeTypes.add(bt); - } - } - - // recommended bridge type goes first in the list - const recommendedBridgeType = Services.prefs.getCharPref( - TorLauncherPrefs.default_bridge_recommended_type, - null - ); - - const retval = []; - if (recommendedBridgeType && bridgeTypes.has(recommendedBridgeType)) { - retval.push(recommendedBridgeType); - } - - for (const bridgeType of bridgeTypes.values()) { - if (bridgeType != recommendedBridgeType) { - retval.push(bridgeType); - } - } - return retval; - })() -); - -/* Parsing Methods */ - -// expects a '\n' or '\r\n' delimited bridge string, which we split and trim -// each bridge string can also optionally have 'bridge' at the beginning ie: -// bridge $(type) $(address):$(port) $(certificate) -// we strip out the 'bridge' prefix here -const parseBridgeStrings = function (aBridgeStrings) { +/** + * Split a blob of bridge lines into an array with single lines. + * Lines are delimited by \r\n or \n and each bridge string can also optionally + * have 'bridge' at the beginning. + * We split the text by \r\n, we trim the lines, remove the bridge prefix and + * filter out any remaiing empty item. + * + * @param {string} aBridgeStrings The text with the lines + * @returns {string[]} An array where each bridge line is an item + */ +function parseBridgeStrings(aBridgeStrings) { // replace carriage returns ('\r') with new lines ('\n') aBridgeStrings = aBridgeStrings.replace(/\r/g, "\n"); // then replace contiguous new lines ('\n') with a single one aBridgeStrings = aBridgeStrings.replace(/[\n]+/g, "\n"); - // split on the newline and for each bridge string: trim, remove starting 'bridge' string - // finally discard entries that are empty strings; empty strings could occur if we receive - // a new line containing only whitespace + // Split on the newline and for each bridge string: trim, remove starting + // 'bridge' string. + // Finally, discard entries that are empty strings; empty strings could occur + // if we receive a new line containing only whitespace. const splitStrings = aBridgeStrings.split("\n"); return splitStrings .map(val => val.trim().replace(/^bridge\s+/i, "")) - .filter(bridgeString => bridgeString != ""); -}; - -const getBuiltinBridgeStrings = function (builtinType) { - if (!builtinType) { - return []; - } - - const bridgeBranch = Services.prefs.getBranch( - TorLauncherPrefs.default_bridge - ); - const bridgeBranchPrefs = bridgeBranch.getChildList(""); - const retval = []; - - // regex matches against strings ending in ".N" where N is a positive integer - const pattern = /\.[0-9]+$/; - for (const key of bridgeBranchPrefs) { - // verify the location of the match is the correct offset required for aBridgeType - // to fit, and that the string begins with aBridgeType - if ( - key.search(pattern) == builtinType.length && - key.startsWith(builtinType) - ) { - const bridgeStr = bridgeBranch.getCharPref(key); - retval.push(bridgeStr); - } - } - - // shuffle so that Tor Browser users don't all try the built-in bridges in the same order - arrayShuffle(retval); - - return retval; -}; - -/* Helper methods */ - -const arrayShuffle = function (array) { - // fisher-yates shuffle + .filter(bridgeString => bridgeString !== ""); +} + +/** + * Return a shuffled (Fisher-Yates) copy of an array. + * + * @template T + * @param {T[]} array + * @returns {T[]} + */ +function arrayShuffle(array) { + array = [...array]; for (let i = array.length - 1; i > 0; --i) { // number n such that 0.0 <= n < 1.0 const n = Math.random(); @@ -211,17 +141,18 @@ const arrayShuffle = function (array) { array[i] = array[j]; array[j] = tmp; } -}; + return array; +} /* TorSettings module */ -export const TorSettings = { +class TorSettingsImpl { /** * The underlying settings values. * * @type {object} */ - _settings: { + #settings = { quickstart: { enabled: false, }, @@ -243,34 +174,207 @@ export const TorSettings = { enabled: false, allowed_ports: [], }, - }, + }; + + /** + * The recommended pluggable transport. + * + * @type {string} + */ + #recommendedPT = ""; + + /** + * The bridge lines for built-in bridges. + * Keys are pluggable transports, and values are arrays of bridge lines. + * + * @type {Object.<string, string[]>} + */ + #builtinBridges = {}; + + /** + * Resolve callback of the initializedPromise. + */ + #initComplete; + /** + * Reject callback of the initializedPromise. + */ + #initFailed; + /** + * Tell whether the initializedPromise has been resolved. + * We keep this additional member to avoid making everything async. + * + * @type {boolean} + */ + #initialized = false; + /** + * During some phases of the initialization, allow calling setters and + * getters without throwing errors. + * + * @type {boolean} + */ + #allowUninitialized = false; + + constructor() { + this.initializedPromise = new Promise((resolve, reject) => { + this.#initComplete = resolve; + this.#initFailed = reject; + }); + + this.#addProperties("quickstart", { + enabled: {}, + }); + this.#addProperties("bridges", { + enabled: {}, + source: { + transform: val => { + if (Object.values(TorBridgeSource).includes(val)) { + return val; + } + lazy.logger.error(`Not a valid bridge source: "${val}"`); + return TorBridgeSource.Invalid; + }, + }, + bridge_strings: { + transform: val => { + if (Array.isArray(val)) { + return [...val]; + } + return parseBridgeStrings(val); + }, + copy: val => [...val], + equal: (val1, val2) => this.#arrayEqual(val1, val2), + }, + builtin_type: { + callback: val => { + if (!val) { + // Make sure that the source is not BuiltIn + if (this.bridges.source === TorBridgeSource.BuiltIn) { + this.bridges.source = TorBridgeSource.Invalid; + } + return; + } + const bridgeStrings = this.#getBuiltinBridges(val); + if (bridgeStrings.length) { + this.bridges.bridge_strings = bridgeStrings; + return; + } + lazy.logger.error(`No built-in ${val} bridges found`); + // Change to be empty, this will trigger this callback again, + // but with val as "". + this.bridges.builtin_type == ""; + }, + }, + }); + this.#addProperties("proxy", { + enabled: { + callback: val => { + if (val) { + return; + } + // Reset proxy settings. + this.proxy.type = TorProxyType.Invalid; + this.proxy.address = ""; + this.proxy.port = 0; + this.proxy.username = ""; + this.proxy.password = ""; + }, + }, + type: { + transform: val => { + if (Object.values(TorProxyType).includes(val)) { + return val; + } + lazy.logger.error(`Not a valid proxy type: "${val}"`); + return TorProxyType.Invalid; + }, + }, + address: {}, + port: { + transform: val => { + if (val === 0) { + // This is a valid value that "unsets" the port. + // Keep this value without giving a warning. + // NOTE: In contrast, "0" is not valid. + return 0; + } + // Unset to 0 if invalid null is returned. + return this.#parsePort(val, false) ?? 0; + }, + }, + username: {}, + password: {}, + uri: { + getter: () => { + const { type, address, port, username, password } = this.proxy; + switch (type) { + case TorProxyType.Socks4: + return `socks4a://${address}:${port}`; + case TorProxyType.Socks5: + if (username) { + return `socks5://${username}:${password}@${address}:${port}`; + } + return `socks5://${address}:${port}`; + case TorProxyType.HTTPS: + if (username) { + return `http://${username}:${password}@${address}:${port}`; + } + return `http://${address}:${port}`; + } + return null; + }, + }, + }); + this.#addProperties("firewall", { + enabled: { + callback: val => { + if (!val) { + this.firewall.allowed_ports = ""; + } + }, + }, + allowed_ports: { + transform: val => { + if (!Array.isArray(val)) { + val = val === "" ? [] : val.split(","); + } + // parse and remove duplicates + const portSet = new Set(val.map(p => this.#parsePort(p, true))); + // parsePort returns null for failed parses, so remove it. + portSet.delete(null); + return [...portSet]; + }, + copy: val => [...val], + equal: (val1, val2) => this.#arrayEqual(val1, val2), + }, + }); + } /** * The current number of freezes applied to the notifications. * * @type {integer} */ - _freezeNotificationsCount: 0, + #freezeNotificationsCount = 0; /** * The queue for settings that have changed. To be broadcast in the * notification when not frozen. * * @type {Set<string>} */ - _notificationQueue: new Set(), + #notificationQueue = new Set(); /** * Send a notification if we have any queued and we are not frozen. */ - _tryNotification() { - if (this._freezeNotificationsCount || !this._notificationQueue.size) { + #tryNotification() { + if (this.#freezeNotificationsCount || !this.#notificationQueue.size) { return; } Services.obs.notifyObservers( - { changes: [...this._notificationQueue] }, + { changes: [...this.#notificationQueue] }, TorSettingsTopics.SettingsChanged ); - this._notificationQueue.clear(); - }, + this.#notificationQueue.clear(); + } /** * Pause notifications for changes in setting values. This is useful if you * need to make batch changes to settings. @@ -281,8 +385,8 @@ export const TorSettings = { * `finally` block. */ freezeNotifications() { - this._freezeNotificationsCount++; - }, + this.#freezeNotificationsCount++; + } /** * Release the hold on notifications so they may be sent out. * @@ -290,9 +394,9 @@ export const TorSettings = { * only release them once it has also called this method. */ thawNotifications() { - this._freezeNotificationsCount--; - this._tryNotification(); - }, + this.#freezeNotificationsCount--; + this.#tryNotification(); + } /** * @typedef {object} TorSettingProperty * @@ -316,22 +420,32 @@ export const TorSettings = { * @param {string} groupname - The name of the setting group. The given * settings will be accessible from the TorSettings property of the same * name. - * @param {object<string, TorSettingProperty>} propParams - An object that + * @param {object.<string, TorSettingProperty>} propParams - An object that * defines the settings to add to this group. The object property names * will be mapped to properties of TorSettings under the given groupname * property. Details about the setting should be described in the * TorSettingProperty property value. */ - _addProperties(groupname, propParams) { + #addProperties(groupname, propParams) { // Create a new object to hold all these settings. const group = {}; for (const name in propParams) { const { getter, transform, callback, copy, equal } = propParams[name]; Object.defineProperty(group, name, { get: getter - ? getter + ? () => { + // Allow getting in loadFromPrefs before we are initialized. + if (!this.#allowUninitialized) { + this.#checkIfInitialized(); + } + return getter(); + } : () => { - let val = this._settings[groupname][name]; + // Allow getting in loadFromPrefs before we are initialized. + if (!this.#allowUninitialized) { + this.#checkIfInitialized(); + } + let val = this.#settings[groupname][name]; if (copy) { val = copy(val); } @@ -341,7 +455,11 @@ export const TorSettings = { set: getter ? undefined : val => { - const prevVal = this._settings[groupname][name]; + // Allow setting in loadFromPrefs before we are initialized. + if (!this.#allowUninitialized) { + this.#checkIfInitialized(); + } + const prevVal = this.#settings[groupname][name]; this.freezeNotifications(); try { if (transform) { @@ -352,8 +470,8 @@ export const TorSettings = { if (callback) { callback(val); } - this._settings[groupname][name] = val; - this._notificationQueue.add(`${groupname}.${name}`); + this.#settings[groupname][name] = val; + this.#notificationQueue.add(`${groupname}.${name}`); } } finally { this.thawNotifications(); @@ -367,14 +485,14 @@ export const TorSettings = { writable: false, value: group, }); - }, + } /** * Regular expression for a decimal non-negative integer. * * @type {RegExp} */ - _portRegex: /^[0-9]+$/, + #portRegex = /^[0-9]+$/; /** * Parse a string as a port number. * @@ -385,13 +503,13 @@ export const TorSettings = { * @return {integer?} - The port number, or null if the given value was not * valid. */ - _parsePort(val, trim) { + #parsePort(val, trim) { if (typeof val === "string") { if (trim) { val = val.trim(); } // ensure port string is a valid positive integer - if (this._portRegex.test(val)) { + if (this.#portRegex.test(val)) { val = Number.parseInt(val, 10); } else { lazy.logger.error(`Invalid port string "${val}"`); @@ -403,7 +521,7 @@ export const TorSettings = { return null; } return val; - }, + } /** * Test whether two arrays have equal members and order. * @@ -412,142 +530,57 @@ export const TorSettings = { * * @return {boolean} - Whether the two arrays are equal. */ - _arrayEqual(val1, val2) { + #arrayEqual(val1, val2) { if (val1.length !== val2.length) { return false; } return val1.every((v, i) => v === val2[i]); - }, + } + + /** + * Return the bridge lines associated to a certain pluggable transport. + * + * @param {string} pt The pluggable transport to return the lines for + * @returns {string[]} The bridge lines in random order + */ + #getBuiltinBridges(pt) { + // Shuffle so that Tor Browser users do not all try the built-in bridges in + // the same order. + return arrayShuffle(this.#builtinBridges[pt] ?? []); + } - /* load or init our settings, and register observers */ + /** + * Load or init our settings, and register observers. + */ async init() { - this._addProperties("quickstart", { - enabled: {}, - }); - this._addProperties("bridges", { - enabled: {}, - source: { - transform: val => { - if (Object.values(TorBridgeSource).includes(val)) { - return val; - } - lazy.logger.error(`Not a valid bridge source: "${val}"`); - return TorBridgeSource.Invalid; - }, - }, - bridge_strings: { - transform: val => { - if (Array.isArray(val)) { - return [...val]; - } - return parseBridgeStrings(val); - }, - copy: val => [...val], - equal: (val1, val2) => this._arrayEqual(val1, val2), - }, - builtin_type: { - callback: val => { - if (!val) { - // Make sure that the source is not BuiltIn - if (this.bridges.source === TorBridgeSource.BuiltIn) { - this.bridges.source = TorBridgeSource.Invalid; - } - return; - } - const bridgeStrings = getBuiltinBridgeStrings(val); - if (bridgeStrings.length) { - this.bridges.bridge_strings = bridgeStrings; - return; - } - lazy.logger.error(`No built-in ${val} bridges found`); - // Change to be empty, this will trigger this callback again, - // but with val as "". - this.bridges.builtin_type == ""; - }, - }, - }); - this._addProperties("proxy", { - enabled: { - callback: val => { - if (val) { - return; - } - // Reset proxy settings. - this.proxy.type = TorProxyType.Invalid; - this.proxy.address = ""; - this.proxy.port = 0; - this.proxy.username = ""; - this.proxy.password = ""; - }, - }, - type: { - transform: val => { - if (Object.values(TorProxyType).includes(val)) { - return val; - } - lazy.logger.error(`Not a valid proxy type: "${val}"`); - return TorProxyType.Invalid; - }, - }, - address: {}, - port: { - transform: val => { - if (val === 0) { - // This is a valid value that "unsets" the port. - // Keep this value without giving a warning. - // NOTE: In contrast, "0" is not valid. - return 0; - } - // Unset to 0 if invalid null is returned. - return this._parsePort(val, false) ?? 0; - }, - }, - username: {}, - password: {}, - uri: { - getter: () => { - const { type, address, port, username, password } = this.proxy; - switch (type) { - case TorProxyType.Socks4: - return `socks4a://${address}:${port}`; - case TorProxyType.Socks5: - if (username) { - return `socks5://${username}:${password}@${address}:${port}`; - } - return `socks5://${address}:${port}`; - case TorProxyType.HTTPS: - if (username) { - return `http://${username}:${password}@${address}:${port}`; - } - return `http://${address}:${port}`; - } - return null; - }, - }, - }); - this._addProperties("firewall", { - enabled: { - callback: val => { - if (!val) { - this.firewall.allowed_ports = ""; - } - }, - }, - allowed_ports: { - transform: val => { - if (!Array.isArray(val)) { - val = val === "" ? [] : val.split(","); - } - // parse and remove duplicates - const portSet = new Set(val.map(p => this._parsePort(p, true))); - // parsePort returns null for failed parses, so remove it. - portSet.delete(null); - return [...portSet]; - }, - copy: val => [...val], - equal: (val1, val2) => this._arrayEqual(val1, val2), - }, - }); + if (this.#initialized) { + lazy.logger.warn("Called init twice."); + return; + } + try { + await this.#initInternal(); + this.#initialized = true; + this.#initComplete(); + } catch (e) { + this.#initFailed(e); + throw e; + } + } + + /** + * The actual implementation of the initialization, which is wrapped to make + * it easier to update initializatedPromise. + */ + async #initInternal() { + try { + const req = await fetch("chrome://global/content/pt_config.json"); + const config = await req.json(); + lazy.logger.debug("Loaded pt_config.json", config); + this.#recommendedPT = config.recommendedDefault; + this.#builtinBridges = config.bridges; + } catch (e) { + lazy.logger.error("Could not load the built-in PT config.", e); + } // TODO: We could use a shared promise, and wait for it to be fullfilled // instead of Service.obs. @@ -557,16 +590,18 @@ export const TorSettings = { // Do not want notifications for initially loaded prefs. this.freezeNotifications(); try { - this.loadFromPrefs(); + this.#allowUninitialized = true; + this.#loadFromPrefs(); } finally { - this._notificationQueue.clear(); + this.#allowUninitialized = false; + this.#notificationQueue.clear(); this.thawNotifications(); } } try { const provider = await lazy.TorProviderBuilder.build(); if (provider.isRunning) { - this.handleProcessReady(); + this.#handleProcessReady(); // No need to add an observer to call this again. return; } @@ -574,9 +609,33 @@ export const TorSettings = { Services.obs.addObserver(this, lazy.TorProviderTopics.ProcessIsReady); } - }, + } + + /** + * Check whether the object has been successfully initialized, and throw if + * it has not. + */ + #checkIfInitialized() { + if (!this.#initialized) { + lazy.logger.trace("Not initialized code path."); + throw new Error( + "TorSettings has not been initialized yet, or its initialization failed" + ); + } + } + + /** + * Tell whether TorSettings has been successfully initialized. + * + * @returns {boolean} + */ + get initialized() { + return this.#initialized; + } - /* wait for relevant life-cycle events to apply saved settings */ + /** + * Wait for relevant life-cycle events to apply saved settings. + */ async observe(subject, topic, data) { lazy.logger.debug(`Observed ${topic}`); @@ -586,21 +645,26 @@ export const TorSettings = { this, lazy.TorProviderTopics.ProcessIsReady ); - await this.handleProcessReady(); + await this.#handleProcessReady(); break; } - }, + } - // once the tor daemon is ready, we need to apply our settings - async handleProcessReady() { + /** + * Apply the settings once the tor provider is ready and notify any observer + * that the settings can be used. + */ + async #handleProcessReady() { // push down settings to tor - await this.applySettings(); + await this.#applySettings(true); lazy.logger.info("Ready"); Services.obs.notifyObservers(null, TorSettingsTopics.Ready); - }, + } - // load our settings from prefs - loadFromPrefs() { + /** + * Load our settings from prefs. + */ + #loadFromPrefs() { lazy.logger.debug("loadFromPrefs()"); /* Quickstart */ @@ -671,12 +735,16 @@ export const TorSettings = { "" ); } - }, + } - // save our settings to prefs + /** + * Save our settings to prefs. + */ saveToPrefs() { lazy.logger.debug("saveToPrefs()"); + this.#checkIfInitialized(); + /* Quickstart */ Services.prefs.setBoolPref( TorSettingsPrefs.quickstart.enabled, @@ -758,77 +826,100 @@ export const TorSettings = { Services.prefs.setBoolPref(TorSettingsPrefs.enabled, true); return this; - }, + } - // push our settings down to the tor daemon + /** + * Push our settings down to the tor provider. + */ async applySettings() { - lazy.logger.debug("applySettings()"); + this.#checkIfInitialized(); + return this.#applySettings(false); + } + + /** + * Internal implementation of applySettings that does not check if we are + * initialized. + */ + async #applySettings(allowUninitialized) { + lazy.logger.debug("#applySettings()"); + const settingsMap = new Map(); - /* Bridges */ - const haveBridges = - this.bridges.enabled && !!this.bridges.bridge_strings.length; - settingsMap.set(TorConfigKeys.useBridges, haveBridges); - if (haveBridges) { - settingsMap.set(TorConfigKeys.bridgeList, this.bridges.bridge_strings); - } else { - settingsMap.set(TorConfigKeys.bridgeList, null); - } + // #applySettings can be called only when #allowUninitialized is false + this.#allowUninitialized = allowUninitialized; - /* Proxy */ - settingsMap.set(TorConfigKeys.socks4Proxy, null); - settingsMap.set(TorConfigKeys.socks5Proxy, null); - settingsMap.set(TorConfigKeys.socks5ProxyUsername, null); - settingsMap.set(TorConfigKeys.socks5ProxyPassword, null); - settingsMap.set(TorConfigKeys.httpsProxy, null); - settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, null); - if (this.proxy.enabled) { - const address = this.proxy.address; - const port = this.proxy.port; - const username = this.proxy.username; - const password = this.proxy.password; - - switch (this.proxy.type) { - case TorProxyType.Socks4: - settingsMap.set(TorConfigKeys.socks4Proxy, `${address}:${port}`); - break; - case TorProxyType.Socks5: - settingsMap.set(TorConfigKeys.socks5Proxy, `${address}:${port}`); - settingsMap.set(TorConfigKeys.socks5ProxyUsername, username); - settingsMap.set(TorConfigKeys.socks5ProxyPassword, password); - break; - case TorProxyType.HTTPS: - settingsMap.set(TorConfigKeys.httpsProxy, `${address}:${port}`); - settingsMap.set( - TorConfigKeys.httpsProxyAuthenticator, - `${username}:${password}` - ); - break; + try { + /* Bridges */ + const haveBridges = + this.bridges.enabled && !!this.bridges.bridge_strings.length; + settingsMap.set(TorConfigKeys.useBridges, haveBridges); + if (haveBridges) { + settingsMap.set(TorConfigKeys.bridgeList, this.bridges.bridge_strings); + } else { + settingsMap.set(TorConfigKeys.bridgeList, null); } - } - /* Firewall */ - if (this.firewall.enabled) { - const reachableAddresses = this.firewall.allowed_ports - .map(port => `*:${port}`) - .join(","); - settingsMap.set(TorConfigKeys.reachableAddresses, reachableAddresses); - } else { - settingsMap.set(TorConfigKeys.reachableAddresses, null); + /* Proxy */ + settingsMap.set(TorConfigKeys.socks4Proxy, null); + settingsMap.set(TorConfigKeys.socks5Proxy, null); + settingsMap.set(TorConfigKeys.socks5ProxyUsername, null); + settingsMap.set(TorConfigKeys.socks5ProxyPassword, null); + settingsMap.set(TorConfigKeys.httpsProxy, null); + settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, null); + if (this.proxy.enabled) { + const address = this.proxy.address; + const port = this.proxy.port; + const username = this.proxy.username; + const password = this.proxy.password; + + switch (this.proxy.type) { + case TorProxyType.Socks4: + settingsMap.set(TorConfigKeys.socks4Proxy, `${address}:${port}`); + break; + case TorProxyType.Socks5: + settingsMap.set(TorConfigKeys.socks5Proxy, `${address}:${port}`); + settingsMap.set(TorConfigKeys.socks5ProxyUsername, username); + settingsMap.set(TorConfigKeys.socks5ProxyPassword, password); + break; + case TorProxyType.HTTPS: + settingsMap.set(TorConfigKeys.httpsProxy, `${address}:${port}`); + settingsMap.set( + TorConfigKeys.httpsProxyAuthenticator, + `${username}:${password}` + ); + break; + } + } + + /* Firewall */ + if (this.firewall.enabled) { + const reachableAddresses = this.firewall.allowed_ports + .map(port => `*:${port}`) + .join(","); + settingsMap.set(TorConfigKeys.reachableAddresses, reachableAddresses); + } else { + settingsMap.set(TorConfigKeys.reachableAddresses, null); + } + } finally { + this.#allowUninitialized = false; } /* Push to Tor */ const provider = await lazy.TorProviderBuilder.build(); await provider.writeSettings(settingsMap); + } - return this; - }, - - // set all of our settings at once from a settings object + /** + * Set all of our settings at once from a settings object. + * + * @param {object} settings The settings object to set + */ setSettings(settings) { lazy.logger.debug("setSettings()"); + this.#checkIfInitialized(); + const backup = this.getSettings(); - const backup_notifications = [...this._notificationQueue]; + const backupNotifications = [...this.#notificationQueue]; // Hold off on lots of notifications until all settings are changed. this.freezeNotifications(); @@ -869,10 +960,10 @@ export const TorSettings = { // some other call to TorSettings to change anything whilst we are // in this context (other than lower down in this call stack), so it is // safe to discard all changes to settings and notifications. - this._settings = backup; - this._notificationQueue.clear(); - for (const notification of backup_notifications) { - this._notificationQueue.add(notification); + this.#settings = backup; + this.#notificationQueue.clear(); + for (const notification of backupNotifications) { + this.#notificationQueue.add(notification); } lazy.logger.error("setSettings failed", ex); @@ -880,12 +971,36 @@ export const TorSettings = { this.thawNotifications(); } - lazy.logger.debug("setSettings result", this._settings); - }, + lazy.logger.debug("setSettings result", this.#settings); + } - // get a copy of all our settings + /** + * Get a copy of all our settings. + * + * @returns {object} A copy of the settings object + */ getSettings() { lazy.logger.debug("getSettings()"); - return structuredClone(this._settings); - }, -}; + this.#checkIfInitialized(); + return structuredClone(this.#settings); + } + + /** + * Return an array with the pluggable transports for which we have at least a + * built-in bridge line. + * + * @returns {string[]} An array with PT identifiers + */ + get builtinBridgeTypes() { + this.#checkIfInitialized(); + const types = Object.keys(this.#builtinBridges); + const recommendedIndex = types.indexOf(this.#recommendedPT); + if (recommendedIndex > 0) { + types.splice(recommendedIndex, 1); + types.unshift(this.#recommendedPT); + } + return types; + } +} + +export const TorSettings = new TorSettingsImpl(); ===================================== tools/torbrowser/bridges.js deleted ===================================== @@ -1,62 +0,0 @@ -pref("extensions.torlauncher.default_bridge_recommended_type", "obfs4"); - -// Default bridges. -pref( - "extensions.torlauncher.default_bridge.obfs4.1", - "obfs4 192.95.36.142:443 CDF2E852BF539B82BD10E27E9115A31734E378C2 cert=qUVQ0srL1JI/vO6V6m/24anYXiJD3QP2HgzUKQtQ7GRqqUvs7P+tG43RtAqdhLOALP7DJQ iat-mode=1" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.2", - "obfs4 37.218.245.14:38224 D9A82D2F9C2F65A18407B1D2B764F130847F8B5D cert=bjRaMrr1BRiAW8IE9U5z27fQaYgOhX1UCmOpg2pFpoMvo6ZgQMzLsaTzzQNTlm7hNcb+Sg iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.3", - "obfs4 85.31.186.98:443 011F2599C0E9B27EE74B353155E244813763C3E5 cert=ayq0XzCwhpdysn5o0EyDUbmSOx3X/oTEbzDMvczHOdBJKlvIdHHLJGkZARtT4dcBFArPPg iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.4", - "obfs4 85.31.186.26:443 91A6354697E6B02A386312F68D82CF86824D3606 cert=PBwr+S8JTVZo6MPdHnkTwXJPILWADLqfMGoVvhZClMq/Urndyd42BwX9YFJHZnBB3H0XCw iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.5", - "obfs4 193.11.166.194:27015 2D82C2E354D531A68469ADF7F878FA6060C6BACA cert=4TLQPJrTSaDffMK7Nbao6LC7G9OW/NHkUwIdjLSS3KYf0Nv4/nQiiI8dY2TcsQx01NniOg iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.6", - "obfs4 193.11.166.194:27020 86AC7B8D430DAC4117E9F42C9EAED18133863AAF cert=0LDeJH4JzMDtkJJrFphJCiPqKx7loozKN7VNfuukMGfHO0Z8OGdzHVkhVAOfo1mUdv9cMg iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.7", - "obfs4 193.11.166.194:27025 1AE2C08904527FEA90C4C4F8C1083EA59FBC6FAF cert=ItvYZzW5tn6v3G4UnQa6Qz04Npro6e81AP70YujmK/KXwDFPTs3aHXcHp4n8Vt6w/bv8cA iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.8", - "obfs4 209.148.46.65:443 74FAD13168806246602538555B5521A0383A1875 cert=ssH+9rP8dG2NLDN2XuFw63hIO/9MNNinLmxQDpVa+7kTOa9/m+tGWT1SmSYpQ9uTBGa6Hw iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.9", - "obfs4 146.57.248.225:22 10A6CD36A537FCE513A322361547444B393989F0 cert=K1gDtDAIcUfeLqbstggjIw2rtgIKqdIhUlHp82XRqNSq/mtAjp1BIC9vHKJ2FAEpGssTPw iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.10", - "obfs4 45.145.95.6:27015 C5B7CD6946FF10C5B3E89691A7D3F2C122D2117C cert=TD7PbUO0/0k6xYHMPW3vJxICfkMZNdkRrb63Zhl5j9dW3iRGiCx0A7mPhe5T2EDzQ35+Zw iat-mode=0" -); -pref( - "extensions.torlauncher.default_bridge.obfs4.11", - "obfs4 51.222.13.177:80 5EDAC3B810E12B01F6FD8050D2FD3E277B289A08 cert=2uplIpLQ0q9+0qMFrK5pkaYRDOe460LL9WHBvatgkuRr/SL31wBOEupaMMJ6koRE6Ld0ew iat-mode=0" -); - -pref( - "extensions.torlauncher.default_bridge.meek-azure.1", - "meek_lite 192.0.2.18:80 BE776A53492E1E044A26F17306E1BC46A55A1625 url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com" -); - -pref( - "extensions.torlauncher.default_bridge.snowflake.1", - "snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=cdn.sstatic.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn" -); - -pref( - "extensions.torlauncher.default_bridge.snowflake.2", - "snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ front=cdn.sstatic.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn" -); ===================================== tools/torbrowser/deploy.sh ===================================== @@ -6,17 +6,10 @@ BUILD_OUTPUT="$2" SCRIPT_DIR="$(realpath "$(dirname "$0")")" RESDIR="$BUILD_OUTPUT/dist/firefox" -if [ "$(uname)" = "Darwin" ]; then +if [ "$(uname)" = "Darwin" ]; then RESDIR="$RESDIR/Tor Browser.app/Contents/Resources" fi -# Add built-in bridges -mkdir -p "$BUILD_OUTPUT/_omni/defaults/preferences" -cat "$BUILD_OUTPUT/dist/bin/browser/defaults/preferences/000-tor-browser.js" "$SCRIPT_DIR/bridges.js" >> "$BUILD_OUTPUT/_omni/defaults/preferences/000-tor-browser.js" -cd "$BUILD_OUTPUT/_omni" -zip -Xmr "$RESDIR/browser/omni.ja" "defaults/preferences/000-tor-browser.js" -rm -rf "$BUILD_OUTPUT/_omni" - # Repackage the manual # rm -rf $BUILD_OUTPUT/_omni # mkdir $BUILD_OUTPUT/_omni @@ -34,12 +27,12 @@ if [ "$(uname)" = "Darwin" ]; then cd "$BINARIES/Tor Browser.app/Contents/MacOS" "$SCRIPT_DIR/browser-self-sign-macos.sh" - else +else # backup the startup script mv "$BINARIES/dev/Browser/firefox" "$BINARIES/dev/Browser/firefox.bak" - - # copy binaries + + # copy binaries cp -r "$RESDIR/"* "$BINARIES/dev/Browser" rm -rf "$BINARIES/dev/Browser/TorBrowser/Data/Browser/profile.default/startupCache" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0d07d3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0d07d3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][main] Update share/torbrowser-launcher/tor-browser-developers.asc (#10)
by boklm (＠boklm) 08 Jan '24

08 Jan '24

boklm pushed to branch main at The Tor Project / Applications / torbrowser-launcher Commits: 9140e6a4 by Nicolas Vigier at 2024-01-08T13:54:51+01:00 Update share/torbrowser-launcher/tor-browser-developers.asc (#10) Update Tor Browser gpg key, with new expiration date on the current subkey. - - - - - 1 changed file: - share/torbrowser-launcher/tor-browser-developers.asc Changes: ===================================== share/torbrowser-launcher/tor-browser-developers.asc ===================================== @@ -70,40 +70,40 @@ df1B0nicivxYAGb0Nc8ICl89WMfKp+/LMzD08Alzz26Mfmglv6zJx2J0b8puMEtT iM4ESrDVrMxewibZ4cI9e1g86WXGPlIZ0ApicFlr69bTIPzIYNmYwWqab2tqm0MQ VRpNDWMIkWJ/r3TTmNN+Fqv827Fo7qR8zjPVi8DyoKmFzfgya2ZoE7od5bGg7lcM 7UhzEPfwZUMqKaawlrnzqy1sGLJi0QZErUhHo3tU9sHYqAtUENvs4LC7dEG5Ag0E -WwnQdAEQAK8MRUxjsvvZFGt3dScnI20cvlL4LM3ReesedqrFEOcZP8q5kVxiu3n1 -zT64BXRza2EiYPttymbh56ynLk/SxxcM1qdGhn1qwdCEav//TYJK4eE0ZRPbdOL6 -YY9hkfBPZUONBD+YYnohsOUnAYRNaRsSjlAwsaoDauJMSOGl7Fam0E2GDvzAYeCE -jE9SYFwW1jGGmvEKjAV9zqjeMwH0A7NWYuTo9VXmCyxRPPhAKw/3XsMuJ1WOnL9r -Pz4yo2ZQlyLf342IFKpvQLw+H3NqRYpJa8P5bi1cKYGHP97UZFHLOu5rzvoyFmTU -82H0oc2BQDIacZzwmVVwyM0wOg4evdRXmv/2KvtuwxosF58kXZTtCQ7miWRWUPGM -X4PR71I70KBBDcLWZMptmW8Ey+oE7DjOUMv77sGeBZdF/pBW0Oy4qgNF/tX//Nko -I2dKBBuEQMikQLgfuEoGF/5zueWJdLjEDESeZB9nXgWEaADwiH+nzcuUYivCYR2y -szRpRTv2GwcUoYbT1Cb8L3Qy77xq21BiOxs5OWylfUS0yLZN9XOP/qwa5MDPmpS1 -kAw3IcBf9MA825PFxXQY/mv9rvd5gmip+vfwBT8F3ZvXzQHAWBF0bXTONmp/Cxuj -jE1PkJBQ+mOg5x/wyYEVw+HkfZgSIwfVFFJ+MXkKYeXXVHg5+lubABEBAAGJBHIE -GAEKACYCGwIWIQTvbiht2oXqKkun3mhOLG6HkymCkAUCYL9srAUJBsp3OAJACRBO -LG6HkymCkMF0IAQZAQoAHRYhBBEHdbXRAfs2vGyRG+t3RJHZ/wbiBQJbCdB0AAoJ -EOt3RJHZ/wbi170P/0Rvg0uBdrHsnKOjfqwPZ6k4I1Wwx2tpkrsb4wKVVxoRTZFO -iF1DE33gZ1Dkf1jczfwdpBZQbC70gkaLz2WpbbBRtg6RIZQO53psM+wmYRO1C4P+ -ByMJ9bf8V28pzKTsBV3jU3ACp2uNWft7wIzUq/6AHHf6RgVvikglC+RcUxLbOHdX -zLpgM8ItzotD3UBq+g67um3VG1HC3/1RaA+tqvrg/uehEjhiC753XYgz2VkHlRVV -oM74KoXC3HKxChwArpT5lAfqwUwvcvvOiPL4ZsBivl452tQOPfef9XBgV7LSQnS1 -Wy8x0L+ncClP8OiEdC3DpZSgZKeFJ1V+xsis9V0Bzs/Pv4VH+s7spvm1Al7BwkNX -Qkxn2csaws1lIuS7cfB6sbdkNNGxAeQSOfCLOCWJU01niy/NVRQiEEjbhCSMHwj1 -AEf6B+sGghmj5BEfCdfB27o4eCrv/xQCJri7g0FlYFypnaxc/lHojNQZZCAHA3Av -/RCcbEoBQ1JBdR2f9oUQ86ZJtHVbUKU4k39jSA/b8eqSQQB6y/2dkNdW2VnXiM/A -i8aj1FJQTX4K+j5pCGy/+AR241qfeImr3JtMav2SrkfuD72dUPbKowFeKq3M0p39 -12peoH82PVnLgsD7uhRTYbhLUOefYG8JvoovnhQH6X9RvMEQ3aZyvRfgkNyR8MoP -/ifP1xddz4quT5XNyrg8z1rwVVDogGigFm2IumnGh/UFNB/dL0JlXV4tmYNeLaKy -/7YSmNMP1MnMWR+FbY8VWFreFZqWMcsk4AaN+fQXzMFJjZ9hbSyBSOpL1TZ20nnI -w0Ant8cuH2LSFPJnlE+KZfzneN6n1o9Wo0lvFwswPxYpHJOkrDyDMeLrkDf6/Kfj -Kq5QujlVJpfOOYgINXUDnvOTotHbOpqRULU6elaKGJbdRByB2cN0lbPJjcOx6GXs -UNqAGO0VcS7CVn6KByxI0MFPbwmK8sZ/MUiJZnnUuB9x3X+Rf2UPRdOyIl3/jc/s -8AAQcvWm7fuxcCOgqK6BPP4S7tpiuYaeI44MhW2H6ndwO49KI7jaoIf0Vk2c2OCy -MsGf5G3djcDnZ70hEEQdr+2h2yaOPkr5j3oAxugA3pRG0rnX7SPol3xnsahkbexW -VltWIA/ZR6RoZpYDT2nAh4vfTzDGCe7SeNMzhuZhvPvJS62XLQcz4zCBbz9LZgtq -nRxpaYjCyY7RQXngVHzy98ImiNmdgfxw1FD+qW2FyC5cN2fgLU8X8hpql9/P68eu -AIA7U6w7fVji3F3Uul0FuqERX6p9ZObfot2LsFZIUoYqUemNt2gqHuzKKZyIjt6Q -3dAx5AUwZE27KZWfpfNbww/HaNtTPqD6ULtvRdQiXheV -=GYln +YUSBvAEQALxuQqEliMOMGpoVXWK7uIPHXmV8U/kUuAtda3Mfo7vySXUgqv3Cgia+ +pszIXa5BYx3GCCx2W+H+EYzyB80Nw/Qz2kAX03+wJ/gaioQfRkNEcZi8cvWS08px +TVpKkaPMRuhSk0eCXAXmikDOUvzxqeB7U/IPBdsZJJoQk5vfOJX1vA0ZvdHwW+uZ +C69rJctAqZ+qaEtOO94i9o+MfUq+ovHPflYM5o27w8oC9LKmTJVa6vMg88dLRkJp +nXHe0Xr8Xq6seJZIfixu1RvFA5OLvxJvEySKwI2HJ+Fn56AnPZKb64YA67PLe/j+ +201w+svGh71FFbjxyrxOTGDdeZ9AMHJ6IRvdhtgvh6ZxceWHKSqDxkZo5BgfKmkK +Y9V+PNmpa/h7jEA+531L67j1o0B1dgmnvHobiixTiTMI7tPTAs9fsXg2RWs+L+nP +VHQLTHqOMRRsD0sv/W2cCrydNN3w7e1Fbv1Ka55AAu1uslO+XJehkbqb5GojaAGM +4DowintgyfEYP4BKl299lD5/w4e1NsO8o7xkU9oswzNT57jocla0P3jFVSdvg75+ +H9qUnp52k0BZO4ynQLreaUpUxax4H9L38iE5ClgX5vJ+4fCEyqyIhAVEhFGpjDJ+ +TG1EB2ljE7PjCKUg+OK+Xf42F5BrZmji1fpAsKiOhSwHs7lj8gcVABEBAAGJBHIE +GAEKACYCGwIWIQTvbiht2oXqKkun3mhOLG6HkymCkAUCZZmnzAUJBYRfEAJACRBO +LG6HkymCkMF0IAQZAQoAHRYhBGExiPxb4hduPtVJAeU9mJqeLUe/BQJhRIG8AAoJ +EOU9mJqeLUe/vKEP/2+AD/ZAqQQRSGbvkh0TIMjLkBpS5lyVA1rHtTOzhAmtCnoi +0x0Dd6w8d81yjNuvfGhijdxPOjUicA+9tEWHKb3AszV8JL72vC2OJl3Qod+C9N55 +907r+EL41A4Ew7bLYz5DifQBoVt/qzTjUIZdpNbz/oDHr75R3bm8QwKSVrj0mia/ +l1rCCLBVAFAaF59VIS/KjyRo5wPqUaUkxU5A1MH/FXcRXaukO4ontNqaZpV+P1c9 ++duQnAI1dXEDpIgCya+4kJDazBKLn3HtPYf758qNj0qAMl+Z3zeGPmdFx5dIV5IQ +wxjQopnjHg6rBTLqGGQvD9OLpCXsCrahEF0BXrVRHVBL5yJih+XO12eIoMX/PnDT +Sd3SodO0W3Pfp6MHMx6QSox8r5OJdi+WrrSwZBBg3UQL82+SBdJMDhxFutyGQ6rj +Wt1EdOOfOLlH97dl2z4jCmstXAc7pPC7XNOFz3zZbJmjBV++Ax9T0Bh5zLfvvzHx +s0j05wlQTiVJZBlGLAecMosdWzf1J6xqaQY2fOn/psF110iWLQMhrsiIXcjeUrFa +g17DCVuB5v6lHxYpcy9KnYQQs7AHrSQHbd22Tw7I+bwdtsKNVLgrg+qGxitbW/kc +/tM17NAHcVrXohP/NUx3QbJ6Ild14EjuFSWlU1Z9TU7PmIzP8TPyiruxv8IqpB0Q +AIFc7W4zMoYaonNZ10tVLhyjwOUAlDwf2B0Iwy15ctr07Kn6bMeMZULFpXhExCw7 +2mtnAK4jHRphR5m7t7mSYxMwSP5HAffFZpkx8YQHYq2ZSe+yIxXeRwraMdO7POJg +tPt730xoBB7Cra2t1yQj9KuIewuy1qZhjn+upabH4x6OVox1gZcoj+cxZ5mSV+9C +Hkypgl9VQZWAjG36Y8rJ//3KFAizJLwGP3XAtUx9cId75mWCz8SJwroadoVrk1dR +IQ2HPZEjmbhWKXR5InJNg0BgHh3qT1bW1tu8xKHqauukrzgAmDcBjOT50lpuGBzW +9hU/MuyaqpPLwWH5NFkpgBwvIGwQbW4aq59M4HZhYeTas0YqQL6ju70c6w0ZmCis +0mn4IaPJCO55HTZvtXxEp4iyyepDoSFbAeOnActKWrOueNlsDshGzfqCbFgCsj+f +vNetkQSX4CBM4r96RydMaSGm1FX+bAu5RoyxIAxIrotHbGY0x1speXawuJx1H9RH +vVoQA/PdUZ+06g8vAjBSxKb+gSEhC6iWJ9shPcGg4FV+E7GTD0x1b61jsiM1FX/T +pIFuTj268C5hCVECxJ8ctClfBdS0if2IDFtJ90NjXijAB6/bPj316h6TKlBBfjjs +5L6tvQRifoG5c3gJ2H++8Gk7ue5jyE9BwJfsySOgBMDQ +=pesg -----END PGP PUBLIC KEY BLOCK----- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][main] Update self.min_version to 13.0 (#9)
by boklm (＠boklm) 08 Jan '24

08 Jan '24

boklm pushed to branch main at The Tor Project / Applications / torbrowser-launcher Commits: 7b9b5b9c by Nicolas Vigier at 2024-01-08T13:53:33+01:00 Update self.min_version to 13.0 (#9) - - - - - 1 changed file: - torbrowser_launcher/launcher.py Changes: ===================================== torbrowser_launcher/launcher.py ===================================== @@ -72,7 +72,7 @@ class Launcher(QtWidgets.QMainWindow): self.force_redownload = False # This is the current version of Tor Browser, which should get updated with every release - self.min_version = "12.0" + self.min_version = "13.0" # Init launcher self.set_state(None, "", []) View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][main] Set the TORBROWSER_LAUNCHER environment variable (#8)
by boklm (＠boklm) 08 Jan '24

08 Jan '24

boklm pushed to branch main at The Tor Project / Applications / torbrowser-launcher Commits: f4d2e314 by Nicolas Vigier at 2024-01-08T11:32:06+01:00 Set the TORBROWSER_LAUNCHER environment variable (#8) Set an environment variable to make it easier for Tor Browser to see that torbrowser-launcher is being used. - - - - - 1 changed file: - torbrowser_launcher/__init__.py Changes: ===================================== torbrowser_launcher/__init__.py ===================================== @@ -64,6 +64,10 @@ def main(): settings = bool(args.settings) url_list = args.url + # Set the TORBROWSER_LAUNCHER env variable to make it easier to + # detect that torbrowser-launcher is being used + os.environ["TORBROWSER_LAUNCHER"] = "1" + # Load the version and print the banner with open(os.path.join(SHARE, "version")) as buf: tor_browser_launcher_version = buf.read().strip() View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Modify add-on support
by ma1 (＠ma1) 02 Jan '24

02 Jan '24

ma1 pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: be02ec86 by hackademix at 2023-12-30T19:51:11+01:00 fixup! Modify add-on support Bug 42353: Fix NoScript automatic updates. - - - - - 1 changed file: - fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt ===================================== @@ -136,37 +136,37 @@ object TorBrowserFeatures { } /** - * If we have not done it yet, enable automatic updates for NoScript and force a + * Enable automatic updates for NoScript and, if we've not done it yet, force a * one-time immediate update check, in order to upgrade old profiles and ensure we've got * the latest stable AMO version available on first startup. * We will do it as soon as the Tor is connected, to prevent early addonUpdater activation * causing automatic update checks failures (components.addonUpdater being a lazy prop). * The extension, from then on, should behave as if the user had installed it manually. */ - if (settings.noscriptUpdated == 0) { - context.components.torController.registerTorListener(object : TorEvents { - override fun onTorConnected() { - context.components.torController.unregisterTorListener(this) - // Enable automatic updates - context.components.addonUpdater.registerForFutureUpdates(NOSCRIPT_ID) - // Force an immediate update check + context.components.torController.registerTorListener(object : TorEvents { + override fun onTorConnected() { + context.components.torController.unregisterTorListener(this) + // Enable automatic updates. This must be done on every startup (tor-browser#42353) + context.components.addonUpdater.registerForFutureUpdates(NOSCRIPT_ID) + // Force a one-time immediate update check for older installations + if (settings.noscriptUpdated < 2) { context.components.addonUpdater.update(NOSCRIPT_ID) - settings.noscriptUpdated = 1 + settings.noscriptUpdated = 2 } + } - @SuppressWarnings("EmptyFunctionBlock") - override fun onTorConnecting() { - } + @SuppressWarnings("EmptyFunctionBlock") + override fun onTorConnecting() { + } - @SuppressWarnings("EmptyFunctionBlock") - override fun onTorStopped() { - } + @SuppressWarnings("EmptyFunctionBlock") + override fun onTorStopped() { + } - @SuppressWarnings("EmptyFunctionBlock") - override fun onTorStatusUpdate(entry: String?, status: String?) { - } - }) - } + @SuppressWarnings("EmptyFunctionBlock") + override fun onTorStatusUpdate(entry: String?, status: String?) { + } + }) } View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/be0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/be0… You're receiving this email because of your account on gitlab.torproject.org.

1 0