commit 06800f1c9c0a3c2adf850f9ad70e7ee8c3e645d0 Author: Mike Perry mikeperry-git@torproject.org Date: Thu Feb 18 14:22:47 2016 -0800
Bug 16917: Allow users to more easily set a non-tor SSH proxy.
Creates a hidden torbutton pref, which if set, allows Tor Browser to work with non-Tor proxies (by disabling our use of SOCKS u+p auth).
Enabling this pref also enables NoScript ABE (to prevent proxied connections from hitting localhost/RFC1918) and executes New Identity.
---
 src/chrome/content/torbutton.js | 40 ++++++++++++++++++++++++++++++++-
 src/chrome/content/torbutton_util.js | 4 ++++
 src/components/domain-isolator.js | 21 +++++++++++++++++
 src/defaults/preferences/preferences.js | 1 +
 4 files changed, 65 insertions(+), 1 deletion(-)
diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js
index bf45fea..ce49a57 100644
--- a/src/chrome/content/torbutton.js
+++ b/src/chrome/content/torbutton.js
@@ -233,6 +233,9 @@ var torbutton_unique_pref_observer =
 case "extensions.torbutton.block_disk":
 torbutton_update_disk_prefs();
 break;
+ case "extensions.torbutton.use_nontor_proxy":
+ torbutton_use_nontor_proxy();
+ break;
 case "extensions.torbutton.resist_fingerprinting":
 case "extensions.torbutton.spoof_english":
 torbutton_update_fingerprinting_prefs();
@@ -2004,11 +2007,41 @@ function torbutton_clear_image_caches()
 }
 }
+/* Called when we switch the use_nontor_proxy pref in either direction.
+ *
+ * Enables/disables domain isolation and NoScript ABE, and then does
+ * new identity
+ */
+function torbutton_use_nontor_proxy()
+{
+ let nontor_mode = m_tb_prefs.getBoolPref("extensions.torbutton.use_nontor_proxy");
+ let domainIsolator = Cc["@torproject.org/domain-isolator;1"]
+ .getService(Ci.nsISupports).wrappedJSObject;
+
+ if (m_tb_prefs.getBoolPref("extensions.torbutton.use_nontor_proxy")) {
+ // We need to enable ABE because non-tor proxies won't reject localhost
+ // and RFC1918, and we should block them. (The default ABE policy does this).
+ m_tb_prefs.setBoolPref("noscript.ABE.enabled", true);
+
+ // Disable domain isolation
+ domainIsolator.disableIsolation();
+ } else {
+ m_tb_prefs.setBoolPref("noscript.ABE.enabled", false);
+
+ domainIsolator.enableIsolation();
+ }
+
+ // Always reset our identity if the proxy has changed from tor
+ // to non-tor.
+ torbutton_do_new_identity();
+}
+
 function torbutton_do_tor_check() {
 let checkSvc = Cc["@torproject.org/torbutton-torCheckService;1"]
 .getService(Ci.nsISupports).wrappedJSObject;
 if (checkSvc.kCheckNotInitiated != checkSvc.statusOfTorCheck ||
+ m_tb_prefs.getBoolPref("extensions.torbutton.use_nontor_proxy") ||
 !m_tb_prefs.getBoolPref("extensions.torbutton.test_enabled"))
 return; // Only do the check once.
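Review bot: The else branch of `torbutton_use_nontor_proxy()` writes `noscript.ABE.enabled` back to `false` unconditionally, so a user who had turned ABE on before setting `extensions.torbutton.use_nontor_proxy` loses that setting on the way back; remembering the value found before the first `setBoolPref("noscript.ABE.enabled", true)` and restoring that instead would avoid it. In the other direction, ABE is the only control in this change that keeps proxied content away from localhost and RFC1918 addresses, and nothing visible here re-asserts it if the NoScript pref is flipped later while non-Tor mode stays on; the header comment should state that dependency. Separately, `nontor_mode` is assigned and never used while the pref is read a second time in the condition, so `if (nontor_mode) {` would do.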
@@ -3161,7 +3194,12 @@ function torbutton_close_window(event) {
 var enumerator = wm.getEnumerator("navigator:browser");
 while(enumerator.hasMoreElements()) {
 var win = enumerator.getNext();
- if(win != window) {
+ // For some reason, when New Identity is called from a pref
+ // observer (ex: torbutton_use_nontor_proxy) on an ASAN build,
+ // we sometimes don't have this symbol set in the new window yet.
+ // However, the new window will run this init later in that case,
+ // as it does in the OSX case.
+ if(win != window && "torbutton_do_main_window_startup" in win) {
 torbutton_log(3, "Found another window");
 win.torbutton_do_main_window_startup();
 m_tb_is_main_window = false;
diff --git a/src/chrome/content/torbutton_util.js b/src/chrome/content/torbutton_util.js
index 1ec6dcc..68276d0 100644
--- a/src/chrome/content/torbutton_util.js
+++ b/src/chrome/content/torbutton_util.js
@@ -148,6 +148,10 @@ function torbutton_check_status() {
 return false;
 }
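Review bot: When the new `"torbutton_do_main_window_startup" in win` test fails, the window is skipped without any log output, so the unexplained ordering problem the comment describes leaves no trace when it occurs. A `torbutton_log(3, ...)` call in an `else if (win != window)` branch, saying that an uninitialised window was skipped, would make the case diagnosable. The `while` loop and the rest of `torbutton_close_window` continue outside the hunk, so whether another window can still take over as main window in that case cannot be confirmed from these lines.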
+ if (torprefs.getBoolPref("use_nontor_proxy")) {
+ return true;
+ }
+
 if (torbutton_check_socks_remote_dns())
 remote_dns = liveprefs.getBoolPref("socks_remote_dns");
 else
diff --git a/src/components/domain-isolator.js b/src/components/domain-isolator.js
index 93c7f65..caf45cf 100644
--- a/src/components/domain-isolator.js
+++ b/src/components/domain-isolator.js
@@ -53,6 +53,10 @@ let tor = tor || {};
 // A mutable map that records what nonce we are using for each domain.
 tor.noncesForDomains = {};
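Review bot: The early `return true` in `torbutton_check_status()` sits above the `torbutton_check_socks_remote_dns()` / `socks_remote_dns` test, so with `use_nontor_proxy` set the function reports success without looking at remote DNS at all. A non-Tor SOCKS proxy still relies on remote DNS to keep hostname lookups off the local resolver, so the bypass would be safer placed after that test, skipping only the Tor-specific comparisons; this assumes that is what the remainder of the function does, since its body continues outside the hunk. If any caller reads a `true` result as "traffic is going through Tor", it will now get that answer in non-Tor mode as well, so the branch deserves a comment such as `// non-Tor proxy mode: proxy settings are user-managed, Tor-specific checks do not apply`.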
+// __tor.isolationEabled__.
+// A bool that controls if we use SOCKS auth for isolation or not.
+tor.isolationEnabled = true;
+
 // __tor.unknownDirtySince__.
 // Specifies when the current catch-all circuit was first used
 tor.unknownDirtySince = Date.now();
@@ -96,6 +100,9 @@ tor.newCircuitForDomain = function(domain) {
 // combination.
 tor.isolateCircuitsByDomain = function () {
 mozilla.registerProxyChannelFilter(function (aChannel, aProxy) {
+ if (!tor.isolationEnabled)
+ return aProxy;
+
 try {
 let channel = aChannel.QueryInterface(Ci.nsIChannel),
 firstPartyURI = mozilla.thirdPartyUtil.getFirstPartyURIFromChannel(channel, true)
@@ -145,6 +152,12 @@ DomainIsolator.prototype = {
 observe: function (subject, topic, data) {
 if (topic === "profile-after-change") {
 logger.eclog(3, "domain isolator: set up isolating circuits by domain");
+
+ let prefs = Cc["@mozilla.org/preferences-service;1"]
+ .getService(Ci.nsIPrefBranch);
+ if (prefs.getBoolPref("extensions.torbutton.use_nontor_proxy")) {
+ tor.isolationEnabled = false;
+ }
 tor.isolateCircuitsByDomain();
 }
 },
@@ -152,6 +165,14 @@ DomainIsolator.prototype = {
 tor.newCircuitForDomain(domain);
 },
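Review bot: The header comment for the new flag is misspelled: `// __tor.isolationEabled__.` should read `// __tor.isolationEnabled__.` so it matches the assignment two lines below and can be found by search. The description could also say what a false value means in practice, for example `// When false, the proxy channel filter returns aProxy unchanged and no isolation is applied.`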
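Review bot: In `observe`, the new pref read runs before `tor.isolateCircuitsByDomain()`, and in this code base `getBoolPref` throws when a pref has no value, so an exception at that point would leave the isolation filter unregistered for the whole session. The default added in preferences.js should normally prevent that, but the failure mode is to fall back to no isolation rather than to isolation. Because the filter reads `tor.isolationEnabled` on every call, moving `tor.isolateCircuitsByDomain();` above the `let prefs = …` line keeps the behaviour and registers the filter first. The `observe` method and the prototype object both extend outside the hunk.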
+ enableIsolation: function() {
+ tor.isolationEnabled = true;
+ },
+
+ disableIsolation: function() {
+ tor.isolationEnabled = false;
+ },
+
 wrappedJSObject: null
 };
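Review bot: `disableIsolation` turns off per-domain isolation for every subsequent request, yet neither new method logs the change or carries a comment, unlike the `profile-after-change` path, which logs through `logger.eclog`. A line such as `logger.eclog(3, "domain isolator: isolation disabled");` in `disableIsolation`, with the matching message in `enableIsolation`, would record when the state changed. Each method should also get a one-line comment naming `extensions.torbutton.use_nontor_proxy` as the intended trigger. The `DomainIsolator.prototype` literal starts outside the hunk.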
diff --git a/src/defaults/preferences/preferences.js b/src/defaults/preferences/preferences.js
index 46bfc0e..548f4ed 100644
--- a/src/defaults/preferences/preferences.js
+++ b/src/defaults/preferences/preferences.js
@@ -33,6 +33,7 @@ pref("extensions.torbutton.test_failed",false);
 pref("extensions.torbutton.no_proxies_on","");
 pref("extensions.torbutton.versioncheck_url","https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions");
 pref("extensions.torbutton.versioncheck_enabled",true);
+pref("extensions.torbutton.use_nontor_proxy",false);
// XXX: wtf prefs? These seem not actually connected, but govern // if user wants own tor proxy settings