tor-commits
Threads by month
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
November 2021
- 18 participants
- 1046 discussions
[tor-browser/tor-browser-91.3.0esr-11.0-1] Bug 40597: Implement TorSettings module
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit 9cd74389a323b871e1d315d6ce95388d9a645213
Author: Richard Pospesel <richard(a)torproject.org>
Date: Fri Aug 6 16:39:03 2021 +0200
Bug 40597: Implement TorSettings module
- migrated in-page settings read/write implementation from about:preferences#tor
to the TorSettings module
- TorSettings initially loads settings from the tor daemon, and saves them to
firefox prefs
- TorSettings notifies observers when a setting has changed; currently only
QuickStart notification is implemented for parity with previous preference
notify logic in about:torconnect and about:preferences#tor
- about:preferences#tor, and about:torconnect now read and write settings
thorugh the TorSettings module
- all tor settings live in the torbrowser.settings.* preference branch
- removed unused pref modify permission for about:torconnect content page from
AsyncPrefs.jsm
---
browser/components/torconnect/TorConnectParent.jsm | 25 +-
.../torpreferences/content/parseFunctions.jsm | 89 ---
.../torpreferences/content/torBridgeSettings.jsm | 325 --------
.../torpreferences/content/torFirewallSettings.jsm | 72 --
.../components/torpreferences/content/torPane.js | 301 ++++----
.../torpreferences/content/torProxySettings.jsm | 245 -------
browser/components/torpreferences/jar.mn | 12 +-
browser/modules/TorConnect.jsm | 47 +-
browser/modules/TorSettings.jsm | 814 +++++++++++++++++++++
browser/modules/moz.build | 1 +
.../processsingleton/MainProcessSingleton.jsm | 5 +
toolkit/modules/AsyncPrefs.jsm | 1 -
12 files changed, 989 insertions(+), 948 deletions(-)
diff --git a/browser/components/torconnect/TorConnectParent.jsm b/browser/components/torconnect/TorConnectParent.jsm
index 526c588a423e..2fbc2a5c7c7c 100644
--- a/browser/components/torconnect/TorConnectParent.jsm
+++ b/browser/components/torconnect/TorConnectParent.jsm
@@ -7,10 +7,9 @@ const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm");
const { TorConnect, TorConnectTopics, TorConnectState } = ChromeUtils.import(
"resource:///modules/TorConnect.jsm"
);
-
-const TorLauncherPrefs = Object.freeze({
- quickstart: "extensions.torlauncher.quickstart",
-});
+const { TorSettings, TorSettingsTopics, TorSettingsData } = ChromeUtils.import(
+ "resource:///modules/TorSettings.jsm"
+);
/*
This object is basically a marshalling interface between the TorConnect module
@@ -31,7 +30,7 @@ class TorConnectParent extends JSWindowActorParent {
BootstrapProgress: TorConnect.bootstrapProgress,
BootstrapStatus: TorConnect.bootstrapStatus,
ShowCopyLog: TorConnect.logHasWarningOrError,
- QuickStartEnabled: Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false),
+ QuickStartEnabled: TorSettings.quickstart.enabled,
};
// JSWindowActiveParent derived objects cannot observe directly, so create a member
@@ -78,9 +77,12 @@ class TorConnectParent extends JSWindowActorParent {
// TODO: handle
break;
}
- case "nsPref:changed": {
- if (aData === TorLauncherPrefs.quickstart) {
- self.state.QuickStartEnabled = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart);
+ case TorSettingsTopics.SettingChanged:{
+ if (aData === TorSettingsData.QuickStartEnabled) {
+ self.state.QuickStartEnabled = obj.value;
+ } else {
+ // this isn't a setting torconnect cares about
+ return;
}
break;
}
@@ -98,7 +100,7 @@ class TorConnectParent extends JSWindowActorParent {
const topic = TorConnectTopics[key];
Services.obs.addObserver(this.torConnectObserver, topic);
}
- Services.prefs.addObserver(TorLauncherPrefs.quickstart, this.torConnectObserver);
+ Services.obs.addObserver(this.torConnectObserver, TorSettingsTopics.SettingChanged);
}
willDestroy() {
@@ -107,13 +109,14 @@ class TorConnectParent extends JSWindowActorParent {
const topic = TorConnectTopics[key];
Services.obs.removeObserver(this.torConnectObserver, topic);
}
- Services.prefs.removeObserver(TorLauncherPrefs.quickstart, this.torConnectObserver);
+ Services.obs.removeObserver(this.torConnectObserver, TorSettingsTopics.SettingChanged);
}
receiveMessage(message) {
switch (message.name) {
case "torconnect:set-quickstart":
- Services.prefs.setBoolPref(TorLauncherPrefs.quickstart, message.data);
+ TorSettings.quickstart.enabled = message.data;
+ TorSettings.saveToPrefs().applySettings();
break;
case "torconnect:open-tor-preferences":
TorConnect.openTorPreferences();
diff --git a/browser/components/torpreferences/content/parseFunctions.jsm b/browser/components/torpreferences/content/parseFunctions.jsm
deleted file mode 100644
index 954759de63a5..000000000000
--- a/browser/components/torpreferences/content/parseFunctions.jsm
+++ /dev/null
@@ -1,89 +0,0 @@
-"use strict";
-
-var EXPORTED_SYMBOLS = [
- "parsePort",
- "parseAddrPort",
- "parseUsernamePassword",
- "parseAddrPortList",
- "parseBridgeStrings",
- "parsePortList",
-];
-
-// expects a string representation of an integer from 1 to 65535
-let parsePort = function(aPort) {
- // ensure port string is a valid positive integer
- const validIntRegex = /^[0-9]+$/;
- if (!validIntRegex.test(aPort)) {
- throw new Error(`Invalid PORT string : '${aPort}'`);
- }
-
- // ensure port value is on valid range
- let port = Number.parseInt(aPort);
- if (port < 1 || port > 65535) {
- throw new Error(
- `Invalid PORT value, needs to be on range [1,65535] : '${port}'`
- );
- }
-
- return port;
-};
-// expects a string in the format: "ADDRESS:PORT"
-let parseAddrPort = function(aAddrColonPort) {
- let tokens = aAddrColonPort.split(":");
- if (tokens.length != 2) {
- throw new Error(`Invalid ADDRESS:PORT string : '${aAddrColonPort}'`);
- }
- let address = tokens[0];
- let port = parsePort(tokens[1]);
- return [address, port];
-};
-
-// expects a string in the format: "USERNAME:PASSWORD"
-// split on the first colon and any subsequent go into password
-let parseUsernamePassword = function(aUsernameColonPassword) {
- let colonIndex = aUsernameColonPassword.indexOf(":");
- if (colonIndex < 0) {
- // we don't log the contents of the potentially password containing string
- throw new Error("Invalid USERNAME:PASSWORD string");
- }
-
- let username = aUsernameColonPassword.substring(0, colonIndex);
- let password = aUsernameColonPassword.substring(colonIndex + 1);
-
- return [username, password];
-};
-
-// expects a string in the format: ADDRESS:PORT,ADDRESS:PORT,...
-// returns array of ports (as ints)
-let parseAddrPortList = function(aAddrPortList) {
- let addrPorts = aAddrPortList.split(",");
- // parse ADDRESS:PORT string and only keep the port (second element in returned array)
- let retval = addrPorts.map(addrPort => parseAddrPort(addrPort)[1]);
- return retval;
-};
-
-// expects a '/n' or '/r/n' delimited bridge string, which we split and trim
-// each bridge string can also optionally have 'bridge' at the beginning ie:
-// bridge $(type) $(address):$(port) $(certificate)
-// we strip out the 'bridge' prefix here
-let parseBridgeStrings = function(aBridgeStrings) {
-
- // replace carriage returns ('\r') with new lines ('\n')
- aBridgeStrings = aBridgeStrings.replace(/\r/g, "\n");
- // then replace contiguous new lines ('\n') with a single one
- aBridgeStrings = aBridgeStrings.replace(/[\n]+/g, "\n");
-
- // split on the newline and for each bridge string: trim, remove starting 'bridge' string
- // finally discard entries that are empty strings; empty strings could occur if we receive
- // a new line containing only whitespace
- let splitStrings = aBridgeStrings.split("\n");
- return splitStrings.map(val => val.trim().replace(/^bridge\s+/i, ""))
- .filter(bridgeString => bridgeString != "");
-};
-
-// expecting a ',' delimited list of ints with possible white space between
-// returns an array of ints
-let parsePortList = function(aPortListString) {
- let splitStrings = aPortListString.split(",");
- return splitStrings.map(val => parsePort(val.trim()));
-};
diff --git a/browser/components/torpreferences/content/torBridgeSettings.jsm b/browser/components/torpreferences/content/torBridgeSettings.jsm
deleted file mode 100644
index ceb61d3ec972..000000000000
--- a/browser/components/torpreferences/content/torBridgeSettings.jsm
+++ /dev/null
@@ -1,325 +0,0 @@
-"use strict";
-
-var EXPORTED_SYMBOLS = [
- "TorBridgeSource",
- "TorBridgeSettings",
- "makeTorBridgeSettingsNone",
- "makeTorBridgeSettingsBuiltin",
- "makeTorBridgeSettingsBridgeDB",
- "makeTorBridgeSettingsUserProvided",
-];
-
-const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
-const { TorProtocolService } = ChromeUtils.import(
- "resource:///modules/TorProtocolService.jsm"
-);
-const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm");
-
-const TorBridgeSource = {
- NONE: "NONE",
- BUILTIN: "BUILTIN",
- BRIDGEDB: "BRIDGEDB",
- USERPROVIDED: "USERPROVIDED",
-};
-
-class TorBridgeSettings {
- constructor() {
- this._bridgeSource = TorBridgeSource.NONE;
- this._selectedDefaultBridgeType = null;
- this._bridgeStrings = [];
- }
-
- get selectedDefaultBridgeType() {
- if (this._bridgeSource == TorBridgeSource.BUILTIN) {
- return this._selectedDefaultBridgeType;
- }
- return undefined;
- }
-
- get bridgeSource() {
- return this._bridgeSource;
- }
-
- // for display
- get bridgeStrings() {
- return this._bridgeStrings.join("\n");
- }
-
- // raw
- get bridgeStringsArray() {
- return this._bridgeStrings;
- }
-
- static get defaultBridgeTypes() {
- if (TorBridgeSettings._defaultBridgeTypes) {
- return TorBridgeSettings._defaultBridgeTypes;
- }
-
- let bridgeListBranch = Services.prefs.getBranch(
- TorStrings.preferenceBranches.defaultBridge
- );
- let bridgePrefs = bridgeListBranch.getChildList("", {});
-
- // an unordered set for shoving bridge types into
- let bridgeTypes = new Set();
- // look for keys ending in ".N" and treat string before that as the bridge type
- const pattern = /\.[0-9]+$/;
- for (const key of bridgePrefs) {
- const offset = key.search(pattern);
- if (offset != -1) {
- const bt = key.substring(0, offset);
- bridgeTypes.add(bt);
- }
- }
-
- // recommended bridge type goes first in the list
- let recommendedBridgeType = Services.prefs.getCharPref(
- TorStrings.preferenceKeys.recommendedBridgeType,
- null
- );
-
- let retval = [];
- if (recommendedBridgeType && bridgeTypes.has(recommendedBridgeType)) {
- retval.push(recommendedBridgeType);
- }
-
- for (const bridgeType of bridgeTypes.values()) {
- if (bridgeType != recommendedBridgeType) {
- retval.push(bridgeType);
- }
- }
-
- // cache off
- TorBridgeSettings._defaultBridgeTypes = retval;
- return retval;
- }
-
- _readDefaultBridges(aBridgeType) {
- let bridgeBranch = Services.prefs.getBranch(
- TorStrings.preferenceBranches.defaultBridge
- );
- let bridgeBranchPrefs = bridgeBranch.getChildList("", {});
-
- let retval = [];
-
- // regex matches against strings ending in ".N" where N is a positive integer
- let pattern = /\.[0-9]+$/;
- for (const key of bridgeBranchPrefs) {
- // verify the location of the match is the correct offset required for aBridgeType
- // to fit, and that the string begins with aBridgeType
- if (
- key.search(pattern) == aBridgeType.length &&
- key.startsWith(aBridgeType)
- ) {
- let bridgeStr = bridgeBranch.getCharPref(key);
- retval.push(bridgeStr);
- }
- }
-
- // fisher-yates shuffle
- // shuffle so that Tor Browser users don't all try the built-in bridges in the same order
- for (let i = retval.length - 1; i > 0; --i) {
- // number n such that 0.0 <= n < 1.0
- const n = Math.random();
- // integer j such that 0 <= j <= i
- const j = Math.floor(n * (i + 1));
-
- // swap values at indices i and j
- const tmp = retval[i];
- retval[i] = retval[j];
- retval[j] = tmp;
- }
-
- return retval;
- }
-
- _readBridgeDBBridges() {
- let bridgeBranch = Services.prefs.getBranch(
- `${TorStrings.preferenceBranches.bridgeDBBridges}`
- );
- let bridgeBranchPrefs = bridgeBranch.getChildList("", {});
- // the child prefs do not come in any particular order so sort the keys
- // so the values can be compared to what we get out off torrc
- bridgeBranchPrefs.sort();
-
- // just assume all of the prefs under the parent point to valid bridge string
- let retval = bridgeBranchPrefs.map(key =>
- bridgeBranch.getCharPref(key).trim()
- );
-
- return retval;
- }
-
- _readTorrcBridges() {
- let bridgeList = TorProtocolService.readStringArraySetting(
- TorStrings.configKeys.bridgeList
- );
-
- let retval = [];
- for (const line of bridgeList) {
- let trimmedLine = line.trim();
- if (trimmedLine) {
- retval.push(trimmedLine);
- }
- }
-
- return retval;
- }
-
- // analagous to initBridgeSettings()
- readSettings() {
- // restore to defaults
- this._bridgeSource = TorBridgeSource.NONE;
- this._selectedDefaultBridgeType = null;
- this._bridgeStrings = [];
-
- // So the way tor-launcher determines the origin of the configured bridges is a bit
- // weird and depends on inferring our scenario based on some firefox prefs and the
- // relationship between the saved list of bridges in about:config vs the list saved in torrc
-
- // first off, if "extensions.torlauncher.default_bridge_type" is set to one of our
- // builtin default types (obfs4, meek-azure, snowflake, etc) then we provide the
- // bridges in "extensions.torlauncher.default_bridge.*" (filtered by our default_bridge_type)
-
- // next, we compare the list of bridges saved in torrc to the bridges stored in the
- // "extensions.torlauncher.bridgedb_bridge."" branch. If they match *exactly* then we assume
- // the bridges were retrieved from BridgeDB and use those. If the torrc list is empty then we know
- // we have no bridge settings
-
- // finally, if none of the previous conditions are not met, it is assumed the bridges stored in
- // torrc are user-provided
-
- // what we should(?) do once we excise tor-launcher entirely is explicitly store an int/enum in
- // about:config that tells us which scenario we are in so we don't have to guess
-
- let defaultBridgeType = Services.prefs.getCharPref(
- TorStrings.preferenceKeys.defaultBridgeType,
- null
- );
-
- // check if source is BUILTIN
- if (defaultBridgeType) {
- this._bridgeStrings = this._readDefaultBridges(defaultBridgeType);
- this._bridgeSource = TorBridgeSource.BUILTIN;
- this._selectedDefaultBridgeType = defaultBridgeType;
- return;
- }
-
- let torrcBridges = this._readTorrcBridges();
-
- // no stored bridges means no bridge is in use
- if (torrcBridges.length == 0) {
- this._bridgeStrings = [];
- this._bridgeSource = TorBridgeSource.NONE;
- return;
- }
-
- let bridgedbBridges = this._readBridgeDBBridges();
-
- // if these two lists are equal then we got our bridges from bridgedb
- // ie: same element in identical order
- let arraysEqual = (left, right) => {
- if (left.length != right.length) {
- return false;
- }
- const length = left.length;
- for (let i = 0; i < length; ++i) {
- if (left[i] != right[i]) {
- return false;
- }
- }
- return true;
- };
-
- // agreement between prefs and torrc means bridgedb bridges
- if (arraysEqual(torrcBridges, bridgedbBridges)) {
- this._bridgeStrings = torrcBridges;
- this._bridgeSource = TorBridgeSource.BRIDGEDB;
- return;
- }
-
- // otherwise they must be user provided
- this._bridgeStrings = torrcBridges;
- this._bridgeSource = TorBridgeSource.USERPROVIDED;
- }
-
- writeSettings() {
- let settingsObject = new Map();
-
- // init tor bridge settings to null
- settingsObject.set(TorStrings.configKeys.useBridges, null);
- settingsObject.set(TorStrings.configKeys.bridgeList, null);
-
- // clear bridge related firefox prefs
- Services.prefs.setCharPref(TorStrings.preferenceKeys.defaultBridgeType, "");
- let bridgeBranch = Services.prefs.getBranch(
- `${TorStrings.preferenceBranches.bridgeDBBridges}`
- );
- let bridgeBranchPrefs = bridgeBranch.getChildList("", {});
- for (const pref of bridgeBranchPrefs) {
- Services.prefs.clearUserPref(
- `${TorStrings.preferenceBranches.bridgeDBBridges}${pref}`
- );
- }
-
- switch (this._bridgeSource) {
- case TorBridgeSource.BUILTIN:
- // set builtin bridge type to use in prefs
- Services.prefs.setCharPref(
- TorStrings.preferenceKeys.defaultBridgeType,
- this._selectedDefaultBridgeType
- );
- break;
- case TorBridgeSource.BRIDGEDB:
- // save bridges off to prefs
- for (let i = 0; i < this.bridgeStringsArray.length; ++i) {
- Services.prefs.setCharPref(
- `${TorStrings.preferenceBranches.bridgeDBBridges}${i}`,
- this.bridgeStringsArray[i]
- );
- }
- break;
- }
-
- // write over our bridge list if bridges are enabled
- if (this._bridgeSource != TorBridgeSource.NONE) {
- settingsObject.set(TorStrings.configKeys.useBridges, true);
- settingsObject.set(
- TorStrings.configKeys.bridgeList,
- this.bridgeStringsArray
- );
- }
- TorProtocolService.writeSettings(settingsObject);
- }
-}
-
-function makeTorBridgeSettingsNone() {
- return new TorBridgeSettings();
-}
-
-function makeTorBridgeSettingsBuiltin(aBridgeType) {
- let retval = new TorBridgeSettings();
- retval._bridgeSource = TorBridgeSource.BUILTIN;
- retval._selectedDefaultBridgeType = aBridgeType;
- retval._bridgeStrings = retval._readDefaultBridges(aBridgeType);
-
- return retval;
-}
-
-function makeTorBridgeSettingsBridgeDB(aBridges) {
- let retval = new TorBridgeSettings();
- retval._bridgeSource = TorBridgeSource.BRIDGEDB;
- retval._selectedDefaultBridgeType = null;
- retval._bridgeStrings = aBridges;
-
- return retval;
-}
-
-function makeTorBridgeSettingsUserProvided(aBridges) {
- let retval = new TorBridgeSettings();
- retval._bridgeSource = TorBridgeSource.USERPROVIDED;
- retval._selectedDefaultBridgeType = null;
- retval._bridgeStrings = aBridges;
-
- return retval;
-}
diff --git a/browser/components/torpreferences/content/torFirewallSettings.jsm b/browser/components/torpreferences/content/torFirewallSettings.jsm
deleted file mode 100644
index e77f18ef2fae..000000000000
--- a/browser/components/torpreferences/content/torFirewallSettings.jsm
+++ /dev/null
@@ -1,72 +0,0 @@
-"use strict";
-
-var EXPORTED_SYMBOLS = [
- "TorFirewallSettings",
- "makeTorFirewallSettingsNone",
- "makeTorFirewallSettingsCustom",
-];
-
-const { TorProtocolService } = ChromeUtils.import(
- "resource:///modules/TorProtocolService.jsm"
-);
-const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm");
-const { parseAddrPortList } = ChromeUtils.import(
- "chrome://browser/content/torpreferences/parseFunctions.jsm"
-);
-
-class TorFirewallSettings {
- constructor() {
- this._allowedPorts = [];
- }
-
- get portsConfigurationString() {
- let portStrings = this._allowedPorts.map(port => `*:${port}`);
- return portStrings.join(",");
- }
-
- get commaSeparatedListString() {
- return this._allowedPorts.join(",");
- }
-
- get hasPorts() {
- return this._allowedPorts.length > 0;
- }
-
- readSettings() {
- let addressPortList = TorProtocolService.readStringSetting(
- TorStrings.configKeys.reachableAddresses
- );
-
- let allowedPorts = [];
- if (addressPortList) {
- allowedPorts = parseAddrPortList(addressPortList);
- }
- this._allowedPorts = allowedPorts;
- }
-
- writeSettings() {
- let settingsObject = new Map();
-
- // init to null so Tor daemon resets if no ports
- settingsObject.set(TorStrings.configKeys.reachableAddresses, null);
-
- if (this._allowedPorts.length > 0) {
- settingsObject.set(
- TorStrings.configKeys.reachableAddresses,
- this.portsConfigurationString
- );
- }
-
- TorProtocolService.writeSettings(settingsObject);
- }
-}
-
-function makeTorFirewallSettingsNone() {
- return new TorFirewallSettings();
-}
-
-function makeTorFirewallSettingsCustom(aPortsList) {
- let retval = new TorFirewallSettings();
- retval._allowedPorts = aPortsList;
- return retval;
-}
diff --git a/browser/components/torpreferences/content/torPane.js b/browser/components/torpreferences/content/torPane.js
index 1f169cbe1a55..6905cbe473ac 100644
--- a/browser/components/torpreferences/content/torPane.js
+++ b/browser/components/torpreferences/content/torPane.js
@@ -2,6 +2,10 @@
/* global Services */
+const { TorSettings, TorSettingsTopics, TorSettingsData, TorBridgeSource, TorBuiltinBridgeTypes, TorProxyType } = ChromeUtils.import(
+ "resource:///modules/TorSettings.jsm"
+);
+
const { TorProtocolService } = ChromeUtils.import(
"resource:///modules/TorProtocolService.jsm"
);
@@ -10,35 +14,6 @@ const { TorConnect, TorConnectTopics, TorConnectState } = ChromeUtils.import(
"resource:///modules/TorConnect.jsm"
);
-const {
- TorBridgeSource,
- TorBridgeSettings,
- makeTorBridgeSettingsNone,
- makeTorBridgeSettingsBuiltin,
- makeTorBridgeSettingsBridgeDB,
- makeTorBridgeSettingsUserProvided,
-} = ChromeUtils.import(
- "chrome://browser/content/torpreferences/torBridgeSettings.jsm"
-);
-
-const {
- TorProxyType,
- TorProxySettings,
- makeTorProxySettingsNone,
- makeTorProxySettingsSocks4,
- makeTorProxySettingsSocks5,
- makeTorProxySettingsHTTPS,
-} = ChromeUtils.import(
- "chrome://browser/content/torpreferences/torProxySettings.jsm"
-);
-const {
- TorFirewallSettings,
- makeTorFirewallSettingsNone,
- makeTorFirewallSettingsCustom,
-} = ChromeUtils.import(
- "chrome://browser/content/torpreferences/torFirewallSettings.jsm"
-);
-
const { TorLogDialog } = ChromeUtils.import(
"chrome://browser/content/torpreferences/torLogDialog.jsm"
);
@@ -53,14 +28,6 @@ ChromeUtils.defineModuleGetter(
"resource:///modules/TorStrings.jsm"
);
-const { parsePort, parseBridgeStrings, parsePortList } = ChromeUtils.import(
- "chrome://browser/content/torpreferences/parseFunctions.jsm"
-);
-
-const TorLauncherPrefs = {
- quickstart: "extensions.torlauncher.quickstart",
-}
-
/*
Tor Pane
@@ -261,10 +228,11 @@ const gTorPane = (function() {
);
this._enableQuickstartCheckbox.addEventListener("command", e => {
const checked = this._enableQuickstartCheckbox.checked;
- Services.prefs.setBoolPref(TorLauncherPrefs.quickstart, checked);
+ TorSettings.quickstart.enabled = checked;
+ TorSettings.saveToPrefs().applySettings();
});
- this._enableQuickstartCheckbox.checked = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart);
- Services.prefs.addObserver(TorLauncherPrefs.quickstart, this);
+ this._enableQuickstartCheckbox.checked = TorSettings.quickstart.enabled;
+ Services.obs.addObserver(this, TorSettingsTopics.SettingChanged);
// Bridge setup
prefpane.querySelector(selectors.bridges.header).innerText =
@@ -291,7 +259,7 @@ const gTorPane = (function() {
this._bridgeSelectionRadiogroup = prefpane.querySelector(
selectors.bridges.bridgeSelectionRadiogroup
);
- this._bridgeSelectionRadiogroup.value = TorBridgeSource.BUILTIN;
+ this._bridgeSelectionRadiogroup.value = TorBridgeSource.BuiltIn;
this._bridgeSelectionRadiogroup.addEventListener("command", e => {
const value = this._bridgeSelectionRadiogroup.value;
gTorPane.onSelectBridgeOption(value).onUpdateBridgeSettings();
@@ -305,7 +273,7 @@ const gTorPane = (function() {
"label",
TorStrings.settings.selectBridge
);
- this._builtinBridgeOption.setAttribute("value", TorBridgeSource.BUILTIN);
+ this._builtinBridgeOption.setAttribute("value", TorBridgeSource.BuiltIn);
this._builtinBridgeMenulist = prefpane.querySelector(
selectors.bridges.builtinBridgeList
);
@@ -321,7 +289,7 @@ const gTorPane = (function() {
"label",
TorStrings.settings.requestBridgeFromTorProject
);
- this._requestBridgeOption.setAttribute("value", TorBridgeSource.BRIDGEDB);
+ this._requestBridgeOption.setAttribute("value", TorBridgeSource.BridgeDB);
this._requestBridgeButton = prefpane.querySelector(
selectors.bridges.requestBridgeButton
);
@@ -346,7 +314,7 @@ const gTorPane = (function() {
);
this._provideBridgeOption.setAttribute(
"value",
- TorBridgeSource.USERPROVIDED
+ TorBridgeSource.UserProvided
);
prefpane.querySelector(
selectors.bridges.provideBridgeDescription
@@ -395,11 +363,11 @@ const gTorPane = (function() {
let mockProxies = [
{
- value: TorProxyType.SOCKS4,
+ value: TorProxyType.Socks4,
label: TorStrings.settings.proxyTypeSOCKS4,
},
{
- value: TorProxyType.SOCKS5,
+ value: TorProxyType.Socks5,
label: TorStrings.settings.proxyTypeSOCKS5,
},
{ value: TorProxyType.HTTPS, label: TorStrings.settings.proxyTypeHTTP },
@@ -550,12 +518,8 @@ const gTorPane = (function() {
true
);
- // load bridge settings
- let torBridgeSettings = new TorBridgeSettings();
- torBridgeSettings.readSettings();
-
- // populate the bridge list
- for (let currentBridge of TorBridgeSettings.defaultBridgeTypes) {
+ // init bridge UI
+ for (let currentBridge of TorBuiltinBridgeTypes) {
let menuEntry = document.createXULElement("menuitem");
menuEntry.setAttribute("value", currentBridge);
menuEntry.setAttribute("label", currentBridge);
@@ -564,53 +528,41 @@ const gTorPane = (function() {
.appendChild(menuEntry);
}
- this.onSelectBridgeOption(torBridgeSettings.bridgeSource);
- this.onToggleBridge(
- torBridgeSettings.bridgeSource != TorBridgeSource.NONE
- );
- switch (torBridgeSettings.bridgeSource) {
- case TorBridgeSource.NONE:
- break;
- case TorBridgeSource.BUILTIN:
- this._builtinBridgeMenulist.value =
- torBridgeSettings.selectedDefaultBridgeType;
- break;
- case TorBridgeSource.BRIDGEDB:
- this._requestBridgeTextarea.value = torBridgeSettings.bridgeStrings;
- break;
- case TorBridgeSource.USERPROVIDED:
- this._provideBridgeTextarea.value = torBridgeSettings.bridgeStrings;
- break;
+ if (TorSettings.bridges.enabled) {
+ this.onSelectBridgeOption(TorSettings.bridges.source);
+ this.onToggleBridge(
+ TorSettings.bridges.source != TorBridgeSource.Invalid
+ );
+ switch (TorSettings.bridges.source) {
+ case TorBridgeSource.Invalid:
+ break;
+ case TorBridgeSource.BuiltIn:
+ this._builtinBridgeMenulist.value = TorSettings.bridges.builtin_type;
+ break;
+ case TorBridgeSource.BridgeDB:
+ this._requestBridgeTextarea.value = TorSettings.bridges.bridge_strings.join("\n");
+ break;
+ case TorBridgeSource.UserProvided:
+ this._provideBridgeTextarea.value = TorSettings.bridges.bridge_strings.join("\n");
+ break;
+ }
}
- this._bridgeSettings = torBridgeSettings;
-
- // load proxy settings
- let torProxySettings = new TorProxySettings();
- torProxySettings.readSettings();
-
- if (torProxySettings.type != TorProxyType.NONE) {
+ // init proxy UI
+ if (TorSettings.proxy.enabled) {
this.onToggleProxy(true);
- this.onSelectProxyType(torProxySettings.type);
- this._proxyAddressTextbox.value = torProxySettings.address;
- this._proxyPortTextbox.value = torProxySettings.port;
- this._proxyUsernameTextbox.value = torProxySettings.username;
- this._proxyPasswordTextbox.value = torProxySettings.password;
+ this.onSelectProxyType(TorSettings.proxy.type);
+ this._proxyAddressTextbox.value = TorSettings.proxy.address;
+ this._proxyPortTextbox.value = TorSettings.proxy.port;
+ this._proxyUsernameTextbox.value = TorSettings.proxy.username;
+ this._proxyPasswordTextbox.value = TorSettings.proxy.password;
}
- this._proxySettings = torProxySettings;
-
- // load firewall settings
- let torFirewallSettings = new TorFirewallSettings();
- torFirewallSettings.readSettings();
-
- if (torFirewallSettings.hasPorts) {
+ // init firewall
+ if (TorSettings.firewall.enabled) {
this.onToggleFirewall(true);
- this._allowedPortsTextbox.value =
- torFirewallSettings.commaSeparatedListString;
+ this._allowedPortsTextbox.value = TorSettings.firewall.allowed_ports.join(", ");
}
-
- this._firewallSettings = torFirewallSettings;
},
init() {
@@ -683,13 +635,17 @@ const gTorPane = (function() {
if (enabled) {
this.onSelectBridgeOption(this._bridgeSelectionRadiogroup.value);
} else {
- this.onSelectBridgeOption(TorBridgeSource.NONE);
+ this.onSelectBridgeOption(TorBridgeSource.Invalid);
}
return this;
},
// callback when a bridge option is selected
onSelectBridgeOption(source) {
+ if (typeof source === "string") {
+ source = parseInt(source);
+ }
+
// disable all of the bridge elements under radio buttons
this._setElementsDisabled(
[
@@ -701,23 +657,23 @@ const gTorPane = (function() {
true
);
- if (source != TorBridgeSource.NONE) {
+ if (source != TorBridgeSource.Invalid) {
this._bridgeSelectionRadiogroup.value = source;
}
switch (source) {
- case TorBridgeSource.BUILTIN: {
+ case TorBridgeSource.BuiltIn: {
this._setElementsDisabled([this._builtinBridgeMenulist], false);
break;
}
- case TorBridgeSource.BRIDGEDB: {
+ case TorBridgeSource.BridgeDB: {
this._setElementsDisabled(
[this._requestBridgeButton, this._requestBridgeTextarea],
false
);
break;
}
- case TorBridgeSource.USERPROVIDED: {
+ case TorBridgeSource.UserProvided: {
this._setElementsDisabled([this._provideBridgeTextarea], false);
break;
}
@@ -730,14 +686,17 @@ const gTorPane = (function() {
let requestBridgeDialog = new RequestBridgeDialog();
requestBridgeDialog.openDialog(
gSubDialog,
- this._proxySettings.proxyURI,
+ TorSettings.proxy.uri,
aBridges => {
if (aBridges.length > 0) {
- let bridgeSettings = makeTorBridgeSettingsBridgeDB(aBridges);
- bridgeSettings.writeSettings();
- this._bridgeSettings = bridgeSettings;
-
- this._requestBridgeTextarea.value = bridgeSettings.bridgeStrings;
+ let bridgeStrings = aBridges.join("\n");
+ TorSettings.bridges.enabled = true;
+ TorSettings.bridges.source = TorBridgeSource.BridgeDB;
+ TorSettings.bridges.bridge_strings = bridgeStrings;
+ TorSettings.saveToPrefs();
+ TorSettings.applySettings().then((result) => {
+ this._requestBridgeTextarea.value = bridgeStrings;
+ });
}
}
);
@@ -746,53 +705,56 @@ const gTorPane = (function() {
// pushes bridge settings from UI to tor
onUpdateBridgeSettings() {
- let bridgeSettings = null;
-
let source = this._useBridgeCheckbox.checked
- ? this._bridgeSelectionRadiogroup.value
- : TorBridgeSource.NONE;
+ ? parseInt(this._bridgeSelectionRadiogroup.value)
+ : TorBridgeSource.Invalid;
+
switch (source) {
- case TorBridgeSource.NONE: {
- bridgeSettings = makeTorBridgeSettingsNone();
- break;
+ case TorBridgeSource.Invalid: {
+ TorSettings.bridges.enabled = false;
}
- case TorBridgeSource.BUILTIN: {
+ break;
+ case TorBridgeSource.BuiltIn: {
// if there is a built-in bridge already selected, use that
let bridgeType = this._builtinBridgeMenulist.value;
+ console.log(`bridge type: ${bridgeType}`);
if (bridgeType) {
- bridgeSettings = makeTorBridgeSettingsBuiltin(bridgeType);
+ TorSettings.bridges.enabled = true;
+ TorSettings.bridges.source = TorBridgeSource.BuiltIn;
+ TorSettings.bridges.builtin_type = bridgeType;
} else {
- bridgeSettings = makeTorBridgeSettingsNone();
+ TorSettings.bridges.enabled = false;
}
break;
}
- case TorBridgeSource.BRIDGEDB: {
+ case TorBridgeSource.BridgeDB: {
// if there are bridgedb bridges saved in the text area, use them
let bridgeStrings = this._requestBridgeTextarea.value;
if (bridgeStrings) {
- let bridgeStringList = parseBridgeStrings(bridgeStrings);
- bridgeSettings = makeTorBridgeSettingsBridgeDB(bridgeStringList);
+ TorSettings.bridges.enabled = true;
+ TorSettings.bridges.source = TorBridgeSource.BridgeDB;
+ TorSettings.bridges.bridge_strings = bridgeStrings;
} else {
- bridgeSettings = makeTorBridgeSettingsNone();
+ TorSettings.bridges.enabled = false;
}
break;
}
- case TorBridgeSource.USERPROVIDED: {
+ case TorBridgeSource.UserProvided: {
// if bridges already exist in the text area, use them
let bridgeStrings = this._provideBridgeTextarea.value;
if (bridgeStrings) {
- let bridgeStringList = parseBridgeStrings(bridgeStrings);
- bridgeSettings = makeTorBridgeSettingsUserProvided(
- bridgeStringList
- );
+ TorSettings.bridges.enabled = true;
+ TorSettings.bridges.source = TorBridgeSource.UserProvided;
+ TorSettings.bridges.bridge_strings = bridgeStrings;
} else {
- bridgeSettings = makeTorBridgeSettingsNone();
+ TorSettings.bridges.enabled = false;
}
break;
}
}
- bridgeSettings.writeSettings();
- this._bridgeSettings = bridgeSettings;
+ TorSettings.saveToPrefs();
+ TorSettings.applySettings();
+
return this;
},
@@ -822,12 +784,13 @@ const gTorPane = (function() {
// callback when proxy type is changed
onSelectProxyType(value) {
- if (value == "") {
- value = TorProxyType.NONE;
+ if (typeof value === "string") {
+ value = parseInt(value);
}
+
this._proxyTypeMenulist.value = value;
switch (value) {
- case TorProxyType.NONE: {
+ case TorProxyType.Invalid: {
this._setElementsDisabled(
[
this._proxyAddressLabel,
@@ -848,7 +811,7 @@ const gTorPane = (function() {
this._proxyPasswordTextbox.value = "";
break;
}
- case TorProxyType.SOCKS4: {
+ case TorProxyType.Socks4: {
this._setElementsDisabled(
[
this._proxyAddressLabel,
@@ -872,7 +835,7 @@ const gTorPane = (function() {
this._proxyPasswordTextbox.value = "";
break;
}
- case TorProxyType.SOCKS5:
+ case TorProxyType.Socks5:
case TorProxyType.HTTPS: {
this._setElementsDisabled(
[
@@ -895,46 +858,45 @@ const gTorPane = (function() {
// pushes proxy settings from UI to tor
onUpdateProxySettings() {
- const proxyType = this._useProxyCheckbox.checked
- ? this._proxyTypeMenulist.value
- : TorProxyType.NONE;
- const addressString = this._proxyAddressTextbox.value;
- const portString = this._proxyPortTextbox.value;
- const usernameString = this._proxyUsernameTextbox.value;
- const passwordString = this._proxyPasswordTextbox.value;
-
- let proxySettings = null;
-
- switch (proxyType) {
- case TorProxyType.NONE:
- proxySettings = makeTorProxySettingsNone();
+ const type = this._useProxyCheckbox.checked
+ ? parseInt(this._proxyTypeMenulist.value)
+ : TorProxyType.Invalid;
+ const address = this._proxyAddressTextbox.value;
+ const port = this._proxyPortTextbox.value;
+ const username = this._proxyUsernameTextbox.value;
+ const password = this._proxyPasswordTextbox.value;
+
+ switch (type) {
+ case TorProxyType.Invalid:
+ TorSettings.proxy.enabled = false;
break;
- case TorProxyType.SOCKS4:
- proxySettings = makeTorProxySettingsSocks4(
- addressString,
- parsePort(portString)
- );
+ case TorProxyType.Socks4:
+ TorSettings.proxy.enabled = true;
+ TorSettings.proxy.type = type;
+ TorSettings.proxy.address = address;
+ TorSettings.proxy.port = port;
+
break;
- case TorProxyType.SOCKS5:
- proxySettings = makeTorProxySettingsSocks5(
- addressString,
- parsePort(portString),
- usernameString,
- passwordString
- );
+ case TorProxyType.Socks5:
+ TorSettings.proxy.enabled = true;
+ TorSettings.proxy.type = type;
+ TorSettings.proxy.address = address;
+ TorSettings.proxy.port = port;
+ TorSettings.proxy.username = username;
+ TorSettings.proxy.password = password;
break;
case TorProxyType.HTTPS:
- proxySettings = makeTorProxySettingsHTTPS(
- addressString,
- parsePort(portString),
- usernameString,
- passwordString
- );
+ TorSettings.proxy.enabled = true;
+ TorSettings.proxy.type = type;
+ TorSettings.proxy.address = address;
+ TorSettings.proxy.port = port;
+ TorSettings.proxy.username = username;
+ TorSettings.proxy.password = password;
break;
}
+ TorSettings.saveToPrefs();
+ TorSettings.applySettings();
- proxySettings.writeSettings();
- this._proxySettings = proxySettings;
return this;
},
@@ -953,21 +915,20 @@ const gTorPane = (function() {
// pushes firewall settings from UI to tor
onUpdateFirewallSettings() {
+
let portListString = this._useFirewallCheckbox.checked
? this._allowedPortsTextbox.value
: "";
- let firewallSettings = null;
if (portListString) {
- firewallSettings = makeTorFirewallSettingsCustom(
- parsePortList(portListString)
- );
+ TorSettings.firewall.enabled = true;
+ TorSettings.firewall.allowed_ports = portListString;
} else {
- firewallSettings = makeTorFirewallSettingsNone();
+ TorSettings.firewall.enabled = false;
}
+ TorSettings.saveToPrefs();
+ TorSettings.applySettings();
- firewallSettings.writeSettings();
- this._firewallSettings = firewallSettings;
return this;
},
diff --git a/browser/components/torpreferences/content/torProxySettings.jsm b/browser/components/torpreferences/content/torProxySettings.jsm
deleted file mode 100644
index 98bb5e8d5cbf..000000000000
--- a/browser/components/torpreferences/content/torProxySettings.jsm
+++ /dev/null
@@ -1,245 +0,0 @@
-"use strict";
-
-var EXPORTED_SYMBOLS = [
- "TorProxyType",
- "TorProxySettings",
- "makeTorProxySettingsNone",
- "makeTorProxySettingsSocks4",
- "makeTorProxySettingsSocks5",
- "makeTorProxySettingsHTTPS",
-];
-
-const { TorProtocolService } = ChromeUtils.import(
- "resource:///modules/TorProtocolService.jsm"
-);
-const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm");
-const { parseAddrPort, parseUsernamePassword } = ChromeUtils.import(
- "chrome://browser/content/torpreferences/parseFunctions.jsm"
-);
-
-const TorProxyType = {
- NONE: "NONE",
- SOCKS4: "SOCKS4",
- SOCKS5: "SOCKS5",
- HTTPS: "HTTPS",
-};
-
-class TorProxySettings {
- constructor() {
- this._proxyType = TorProxyType.NONE;
- this._proxyAddress = undefined;
- this._proxyPort = undefined;
- this._proxyUsername = undefined;
- this._proxyPassword = undefined;
- }
-
- get type() {
- return this._proxyType;
- }
- get address() {
- return this._proxyAddress;
- }
- get port() {
- return this._proxyPort;
- }
- get username() {
- return this._proxyUsername;
- }
- get password() {
- return this._proxyPassword;
- }
- get proxyURI() {
- switch (this._proxyType) {
- case TorProxyType.SOCKS4:
- return `socks4a://${this._proxyAddress}:${this._proxyPort}`;
- case TorProxyType.SOCKS5:
- if (this._proxyUsername) {
- return `socks5://${this._proxyUsername}:${this._proxyPassword}@${
- this._proxyAddress
- }:${this._proxyPort}`;
- }
- return `socks5://${this._proxyAddress}:${this._proxyPort}`;
- case TorProxyType.HTTPS:
- if (this._proxyUsername) {
- return `http://${this._proxyUsername}:${this._proxyPassword}@${
- this._proxyAddress
- }:${this._proxyPort}`;
- }
- return `http://${this._proxyAddress}:${this._proxyPort}`;
- }
- return undefined;
- }
-
- // attempts to read proxy settings from Tor daemon
- readSettings() {
- // SOCKS4
- {
- let addressPort = TorProtocolService.readStringSetting(
- TorStrings.configKeys.socks4Proxy
- );
- if (addressPort) {
- // address+port
- let [proxyAddress, proxyPort] = parseAddrPort(addressPort);
-
- this._proxyType = TorProxyType.SOCKS4;
- this._proxyAddress = proxyAddress;
- this._proxyPort = proxyPort;
- this._proxyUsername = "";
- this._proxyPassword = "";
-
- return;
- }
- }
-
- // SOCKS5
- {
- let addressPort = TorProtocolService.readStringSetting(
- TorStrings.configKeys.socks5Proxy
- );
-
- if (addressPort) {
- // address+port
- let [proxyAddress, proxyPort] = parseAddrPort(addressPort);
- // username
- let proxyUsername = TorProtocolService.readStringSetting(
- TorStrings.configKeys.socks5ProxyUsername
- );
- // password
- let proxyPassword = TorProtocolService.readStringSetting(
- TorStrings.configKeys.socks5ProxyPassword
- );
-
- this._proxyType = TorProxyType.SOCKS5;
- this._proxyAddress = proxyAddress;
- this._proxyPort = proxyPort;
- this._proxyUsername = proxyUsername;
- this._proxyPassword = proxyPassword;
-
- return;
- }
- }
-
- // HTTP
- {
- let addressPort = TorProtocolService.readStringSetting(
- TorStrings.configKeys.httpsProxy
- );
-
- if (addressPort) {
- // address+port
- let [proxyAddress, proxyPort] = parseAddrPort(addressPort);
-
- // username:password
- let proxyAuthenticator = TorProtocolService.readStringSetting(
- TorStrings.configKeys.httpsProxyAuthenticator
- );
-
- let [proxyUsername, proxyPassword] = ["", ""];
- if (proxyAuthenticator) {
- [proxyUsername, proxyPassword] = parseUsernamePassword(
- proxyAuthenticator
- );
- }
-
- this._proxyType = TorProxyType.HTTPS;
- this._proxyAddress = proxyAddress;
- this._proxyPort = proxyPort;
- this._proxyUsername = proxyUsername;
- this._proxyPassword = proxyPassword;
- }
- }
- // no proxy settings
- } /* TorProxySettings::ReadFromTor() */
-
- // attempts to write proxy settings to Tor daemon
- // throws on error
- writeSettings() {
- let settingsObject = new Map();
-
- // init proxy related settings to null so Tor daemon resets them
- settingsObject.set(TorStrings.configKeys.socks4Proxy, null);
- settingsObject.set(TorStrings.configKeys.socks5Proxy, null);
- settingsObject.set(TorStrings.configKeys.socks5ProxyUsername, null);
- settingsObject.set(TorStrings.configKeys.socks5ProxyPassword, null);
- settingsObject.set(TorStrings.configKeys.httpsProxy, null);
- settingsObject.set(TorStrings.configKeys.httpsProxyAuthenticator, null);
-
- switch (this._proxyType) {
- case TorProxyType.SOCKS4:
- settingsObject.set(
- TorStrings.configKeys.socks4Proxy,
- `${this._proxyAddress}:${this._proxyPort}`
- );
- break;
- case TorProxyType.SOCKS5:
- settingsObject.set(
- TorStrings.configKeys.socks5Proxy,
- `${this._proxyAddress}:${this._proxyPort}`
- );
- settingsObject.set(
- TorStrings.configKeys.socks5ProxyUsername,
- this._proxyUsername
- );
- settingsObject.set(
- TorStrings.configKeys.socks5ProxyPassword,
- this._proxyPassword
- );
- break;
- case TorProxyType.HTTPS:
- settingsObject.set(
- TorStrings.configKeys.httpsProxy,
- `${this._proxyAddress}:${this._proxyPort}`
- );
- settingsObject.set(
- TorStrings.configKeys.httpsProxyAuthenticator,
- `${this._proxyUsername}:${this._proxyPassword}`
- );
- break;
- }
-
- TorProtocolService.writeSettings(settingsObject);
- } /* TorProxySettings::WriteToTor() */
-}
-
-// factory methods for our various supported proxies
-function makeTorProxySettingsNone() {
- return new TorProxySettings();
-}
-
-function makeTorProxySettingsSocks4(aProxyAddress, aProxyPort) {
- let retval = new TorProxySettings();
- retval._proxyType = TorProxyType.SOCKS4;
- retval._proxyAddress = aProxyAddress;
- retval._proxyPort = aProxyPort;
- return retval;
-}
-
-function makeTorProxySettingsSocks5(
- aProxyAddress,
- aProxyPort,
- aProxyUsername,
- aProxyPassword
-) {
- let retval = new TorProxySettings();
- retval._proxyType = TorProxyType.SOCKS5;
- retval._proxyAddress = aProxyAddress;
- retval._proxyPort = aProxyPort;
- retval._proxyUsername = aProxyUsername;
- retval._proxyPassword = aProxyPassword;
- return retval;
-}
-
-function makeTorProxySettingsHTTPS(
- aProxyAddress,
- aProxyPort,
- aProxyUsername,
- aProxyPassword
-) {
- let retval = new TorProxySettings();
- retval._proxyType = TorProxyType.HTTPS;
- retval._proxyAddress = aProxyAddress;
- retval._proxyPort = aProxyPort;
- retval._proxyUsername = aProxyUsername;
- retval._proxyPassword = aProxyPassword;
- return retval;
-}
diff --git a/browser/components/torpreferences/jar.mn b/browser/components/torpreferences/jar.mn
index 857bc9ee3eac..552c92b2feff 100644
--- a/browser/components/torpreferences/jar.mn
+++ b/browser/components/torpreferences/jar.mn
@@ -1,14 +1,10 @@
browser.jar:
- content/browser/torpreferences/parseFunctions.jsm (content/parseFunctions.jsm)
- content/browser/torpreferences/requestBridgeDialog.xhtml (content/requestBridgeDialog.xhtml)
+ content/browser/torpreferences/requestBridgeDialog.xhtml (content/requestBridgeDialog.xhtml)
content/browser/torpreferences/requestBridgeDialog.jsm (content/requestBridgeDialog.jsm)
- content/browser/torpreferences/torBridgeSettings.jsm (content/torBridgeSettings.jsm)
- content/browser/torpreferences/torCategory.inc.xhtml (content/torCategory.inc.xhtml)
- content/browser/torpreferences/torFirewallSettings.jsm (content/torFirewallSettings.jsm)
+ content/browser/torpreferences/torCategory.inc.xhtml (content/torCategory.inc.xhtml)
content/browser/torpreferences/torLogDialog.jsm (content/torLogDialog.jsm)
- content/browser/torpreferences/torLogDialog.xhtml (content/torLogDialog.xhtml)
+ content/browser/torpreferences/torLogDialog.xhtml (content/torLogDialog.xhtml)
content/browser/torpreferences/torPane.js (content/torPane.js)
- content/browser/torpreferences/torPane.xhtml (content/torPane.xhtml)
+ content/browser/torpreferences/torPane.xhtml (content/torPane.xhtml)
content/browser/torpreferences/torPreferences.css (content/torPreferences.css)
content/browser/torpreferences/torPreferencesIcon.svg (content/torPreferencesIcon.svg)
- content/browser/torpreferences/torProxySettings.jsm (content/torProxySettings.jsm)
diff --git a/browser/modules/TorConnect.jsm b/browser/modules/TorConnect.jsm
index 19a3f595d490..e7b8b364db86 100644
--- a/browser/modules/TorConnect.jsm
+++ b/browser/modules/TorConnect.jsm
@@ -18,6 +18,10 @@ const { TorLauncherUtil } = ChromeUtils.import(
"resource://torlauncher/modules/tl-util.jsm"
);
+const { TorSettings, TorSettingsTopics } = ChromeUtils.import(
+ "resource:///modules/TorSettings.jsm"
+);
+
/* Browser observer topis */
const BrowserTopics = Object.freeze({
ProfileAfterChange: "profile-after-change",
@@ -25,7 +29,6 @@ const BrowserTopics = Object.freeze({
/* tor-launcher observer topics */
const TorTopics = Object.freeze({
- ProcessIsReady: "TorProcessIsReady",
BootstrapStatus: "TorBootstrapStatus",
BootstrapError: "TorBootstrapError",
ProcessExited: "TorProcessExited",
@@ -34,7 +37,6 @@ const TorTopics = Object.freeze({
/* Relevant prefs used by tor-launcher */
const TorLauncherPrefs = Object.freeze({
- quickstart: "extensions.torlauncher.quickstart",
prompt_at_startup: "extensions.torlauncher.prompt_at_startup",
});
@@ -250,38 +252,29 @@ const TorConnect = (() => {
// Disabled
this.legacyOrSystemTor();
} else {
- // register the Tor topics we always care about
- for (const topicKey in TorTopics) {
- const topic = TorTopics[topicKey];
+ let observeTopic = (topic) => {
Services.obs.addObserver(this, topic);
console.log(`TorConnect: observing topic '${topic}'`);
- }
+ };
- if (TorProtocolService.torProcessStatus == TorProcessStatus.Running) {
- if (this.shouldQuickStart) {
- // Quickstart
- this.beginBootstrap();
- } else {
- // Configuring
- this.beginConfigure();
- }
+ // register the Tor topics we always care about
+ for (const topicKey in TorTopics) {
+ const topic = TorTopics[topicKey];
+ observeTopic(topic);
}
+ observeTopic(TorSettingsTopics.Ready);
}
-
Services.obs.removeObserver(this, topic);
break;
}
- /* Transition out of Initial if Tor daemon wasn't running yet in BrowserTopics.ProfileAfterChange */
- case TorTopics.ProcessIsReady: {
- if (this.state === TorConnectState.Initial)
- {
- if (this.shouldQuickStart) {
- // Quickstart
- this.beginBootstrap();
- } else {
- // Configuring
- this.beginConfigure();
- }
+ /* We need to wait until TorSettings have been loaded and applied before we can Quickstart */
+ case TorSettingsTopics.Ready: {
+ if (this.shouldQuickStart) {
+ // Quickstart
+ this.beginBootstrap();
+ } else {
+ // Configuring
+ this.beginConfigure();
}
break;
}
@@ -342,7 +335,7 @@ const TorConnect = (() => {
get shouldQuickStart() {
// quickstart must be enabled
- return Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false) &&
+ return TorSettings.quickstart.enabled &&
// and the previous bootstrap attempt must have succeeded
!Services.prefs.getBoolPref(TorLauncherPrefs.prompt_at_startup, true);
},
diff --git a/browser/modules/TorSettings.jsm b/browser/modules/TorSettings.jsm
new file mode 100644
index 000000000000..6d2a6c4a07cf
--- /dev/null
+++ b/browser/modules/TorSettings.jsm
@@ -0,0 +1,814 @@
+"use strict";
+
+var EXPORTED_SYMBOLS = ["TorSettings", "TorSettingsTopics", "TorSettingsData", "TorBridgeSource", "TorBuiltinBridgeTypes", "TorProxyType"];
+
+const { Services } = ChromeUtils.import(
+ "resource://gre/modules/Services.jsm"
+);
+
+const { TorProtocolService, TorProcessStatus } = ChromeUtils.import(
+ "resource:///modules/TorProtocolService.jsm"
+);
+
+/* Browser observer topics */
+const BrowserTopics = Object.freeze({
+ ProfileAfterChange: "profile-after-change",
+});
+
+/* tor-launcher observer topics */
+const TorTopics = Object.freeze({
+ ProcessIsReady: "TorProcessIsReady",
+});
+
+/* TorSettings observer topics */
+const TorSettingsTopics = Object.freeze({
+ Ready: "torsettings:ready",
+ SettingChanged: "torsettings:setting-changed",
+});
+
+/* TorSettings observer data (for SettingChanged topic) */
+const TorSettingsData = Object.freeze({
+ QuickStartEnabled : "torsettings:quickstart_enabled",
+});
+
+/* Prefs used to store settings in TorBrowser prefs */
+const TorSettingsPrefs = Object.freeze({
+ /* bool: are we pulling tor settings from the preferences */
+ enabled: 'torbrowser.settings.enabled',
+ quickstart : {
+ /* bool: does tor connect automatically on launch */
+ enabled: 'torbrowser.settings.quickstart.enabled',
+ },
+ bridges : {
+ /* bool: does tor use bridges */
+ enabled : 'torbrowser.settings.bridges.enabled',
+ /* int: -1=invalid|0=builtin|1=bridge_db|2=user_provided */
+ source : 'torbrowser.settings.bridges.source',
+ /* string: obfs4|meek_azure|snowflake|etc */
+ builtin_type : 'torbrowser.settings.bridges.builtin_type',
+ /* preference branch: each child branch should be a bridge string */
+ bridge_strings : 'torbrowser.settings.bridges.bridge_strings',
+ },
+ proxy : {
+ /* bool: does tor use a proxy */
+ enabled : 'torbrowser.settings.proxy.enabled',
+ /* -1=invalid|0=socks4,1=socks5,2=https */
+ type: 'torbrowser.settings.proxy.type',
+ /* string: proxy server address */
+ address: 'torbrowser.settings.proxy.address',
+ /* int: [1,65535], proxy port */
+ port: 'torbrowser.settings.proxy.port',
+ /* string: username */
+ username: 'torbrowser.settings.proxy.username',
+ /* string: password */
+ password: 'torbrowser.settings.proxy.password',
+ },
+ firewall : {
+ /* bool: does tor have a port allow list */
+ enabled: 'torbrowser.settings.firewall.enabled',
+ /* string: comma-delimitted list of port numbers */
+ allowed_ports: 'torbrowser.settings.firewall.allowed_ports',
+ },
+});
+
+/* Legacy tor-launcher prefs and pref branches*/
+const TorLauncherPrefs = Object.freeze({
+ quickstart: "extensions.torlauncher.quickstart",
+ default_bridge_type: "extensions.torlauncher.default_bridge_type",
+ default_bridge: "extensions.torlauncher.default_bridge.",
+ default_bridge_recommended_type: "extensions.torlauncher.default_bridge_recommended_type",
+ bridgedb_bridge: "extensions.torlauncher.bridgedb_bridge.",
+});
+
+/* Config Keys used to configure tor daemon */
+const TorConfigKeys = Object.freeze({
+ useBridges: "UseBridges",
+ bridgeList: "Bridge",
+ socks4Proxy: "Socks4Proxy",
+ socks5Proxy: "Socks5Proxy",
+ socks5ProxyUsername: "Socks5ProxyUsername",
+ socks5ProxyPassword: "Socks5ProxyPassword",
+ httpsProxy: "HTTPSProxy",
+ httpsProxyAuthenticator: "HTTPSProxyAuthenticator",
+ reachableAddresses: "ReachableAddresses",
+ clientTransportPlugin: "ClientTransportPlugin",
+});
+
+const TorBridgeSource = Object.freeze({
+ Invalid: -1,
+ BuiltIn: 0,
+ BridgeDB: 1,
+ UserProvided: 2,
+});
+
+const TorProxyType = Object.freeze({
+ Invalid: -1,
+ Socks4: 0,
+ Socks5: 1,
+ HTTPS: 2,
+});
+
+
+const TorBuiltinBridgeTypes = Object.freeze(
+ (() => {
+ let bridgeListBranch = Services.prefs.getBranch(TorLauncherPrefs.default_bridge);
+ let bridgePrefs = bridgeListBranch.getChildList("");
+
+ // an unordered set for shoving bridge types into
+ let bridgeTypes = new Set();
+ // look for keys ending in ".N" and treat string before that as the bridge type
+ const pattern = /\.[0-9]+$/;
+ for (const key of bridgePrefs) {
+ const offset = key.search(pattern);
+ if (offset != -1) {
+ const bt = key.substring(0, offset);
+ bridgeTypes.add(bt);
+ }
+ }
+
+ // recommended bridge type goes first in the list
+ let recommendedBridgeType = Services.prefs.getCharPref(TorLauncherPrefs.default_bridge_recommended_type, null);
+
+ let retval = [];
+ if (recommendedBridgeType && bridgeTypes.has(recommendedBridgeType)) {
+ retval.push(recommendedBridgeType);
+ }
+
+ for (const bridgeType of bridgeTypes.values()) {
+ if (bridgeType != recommendedBridgeType) {
+ retval.push(bridgeType);
+ }
+ }
+ return retval;
+ })()
+);
+
+/* Parsing Methods */
+
+// expects a string representation of an integer from 1 to 65535
+let parsePort = function(aPort) {
+ // ensure port string is a valid positive integer
+ const validIntRegex = /^[0-9]+$/;
+ if (!validIntRegex.test(aPort)) {
+ return 0;
+ }
+
+ // ensure port value is on valid range
+ let port = Number.parseInt(aPort);
+ if (port < 1 || port > 65535) {
+ return 0;
+ }
+
+ return port;
+};
+// expects a string in the format: "ADDRESS:PORT"
+let parseAddrPort = function(aAddrColonPort) {
+ let tokens = aAddrColonPort.split(":");
+ if (tokens.length != 2) {
+ return ["", 0];
+ }
+ let address = tokens[0];
+ let port = parsePort(tokens[1]);
+ return [address, port];
+};
+
+// expects a string in the format: "USERNAME:PASSWORD"
+// split on the first colon and any subsequent go into password
+let parseUsernamePassword = function(aUsernameColonPassword) {
+ let colonIndex = aUsernameColonPassword.indexOf(":");
+ if (colonIndex < 0) {
+ return ["", ""];
+ }
+
+ let username = aUsernameColonPassword.substring(0, colonIndex);
+ let password = aUsernameColonPassword.substring(colonIndex + 1);
+
+ return [username, password];
+};
+
+// expects a string in the format: ADDRESS:PORT,ADDRESS:PORT,...
+// returns array of ports (as ints)
+let parseAddrPortList = function(aAddrPortList) {
+ let addrPorts = aAddrPortList.split(",");
+ // parse ADDRESS:PORT string and only keep the port (second element in returned array)
+ let retval = addrPorts.map(addrPort => parseAddrPort(addrPort)[1]);
+ return retval;
+};
+
+// expects a '/n' or '/r/n' delimited bridge string, which we split and trim
+// each bridge string can also optionally have 'bridge' at the beginning ie:
+// bridge $(type) $(address):$(port) $(certificate)
+// we strip out the 'bridge' prefix here
+let parseBridgeStrings = function(aBridgeStrings) {
+
+ // replace carriage returns ('\r') with new lines ('\n')
+ aBridgeStrings = aBridgeStrings.replace(/\r/g, "\n");
+ // then replace contiguous new lines ('\n') with a single one
+ aBridgeStrings = aBridgeStrings.replace(/[\n]+/g, "\n");
+
+ // split on the newline and for each bridge string: trim, remove starting 'bridge' string
+ // finally discard entries that are empty strings; empty strings could occur if we receive
+ // a new line containing only whitespace
+ let splitStrings = aBridgeStrings.split("\n");
+ return splitStrings.map(val => val.trim().replace(/^bridge\s+/i, ""))
+ .filter(bridgeString => bridgeString != "");
+};
+
+// expecting a ',' delimited list of ints with possible white space between
+// returns an array of ints
+let parsePortList = function(aPortListString) {
+ let splitStrings = aPortListString.split(",");
+ // parse and remove duplicates
+ let portSet = new Set(splitStrings.map(val => parsePort(val.trim())));
+ // parsePort returns 0 for failed parses, so remove 0 from list
+ portSet.delete(0);
+ return Array.from(portSet);
+};
+
+let getBuiltinBridgeStrings = function(builtinType) {
+ let bridgeBranch = Services.prefs.getBranch(TorLauncherPrefs.default_bridge);
+ let bridgeBranchPrefs = bridgeBranch.getChildList("");
+ let retval = [];
+
+ // regex matches against strings ending in ".N" where N is a positive integer
+ let pattern = /\.[0-9]+$/;
+ for (const key of bridgeBranchPrefs) {
+ // verify the location of the match is the correct offset required for aBridgeType
+ // to fit, and that the string begins with aBridgeType
+ if (key.search(pattern) == builtinType.length &&
+ key.startsWith(builtinType)) {
+ let bridgeStr = bridgeBranch.getCharPref(key);
+ retval.push(bridgeStr);
+ }
+ }
+
+ // shuffle so that Tor Browser users don't all try the built-in bridges in the same order
+ arrayShuffle(retval);
+
+ return retval;
+};
+
+/* Array methods */
+
+let arrayShuffle = function(array) {
+ // fisher-yates shuffle
+ for (let i = array.length - 1; i > 0; --i) {
+ // number n such that 0.0 <= n < 1.0
+ const n = Math.random();
+ // integer j such that 0 <= j <= i
+ const j = Math.floor(n * (i + 1));
+
+ // swap values at indices i and j
+ const tmp = array[i];
+ array[i] = array[j];
+ array[j] = tmp;
+ }
+}
+
+let arrayCopy = function(array) {
+ return [].concat(array);
+}
+
+/* TorSettings module */
+
+const TorSettings = (() => {
+ let self = {
+ _settings: null,
+
+ // tor daemon related settings
+ defaultSettings: function() {
+ let settings = {
+ quickstart: {
+ enabled: false
+ },
+ bridges : {
+ enabled: false,
+ source: TorBridgeSource.Invalid,
+ builtin_type: null,
+ bridge_strings: [],
+ },
+ proxy: {
+ enabled: false,
+ type: TorProxyType.Invalid,
+ address: null,
+ port: 0,
+ username: null,
+ password: null,
+ },
+ firewall: {
+ enabled: false,
+ allowed_ports: [],
+ },
+ };
+ return settings;
+ },
+
+ /* try and load our settings, and register observers */
+ init: function() {
+ if (TorProtocolService.ownsTorDaemon) {
+ // if the settings branch exists, load settings from prefs
+ if (Services.prefs.getBoolPref(TorSettingsPrefs.enabled, false)) {
+ this.loadFromPrefs();
+ Services.obs.notifyObservers(null, TorSettingsTopics.Ready);
+ }
+ Services.obs.addObserver(this, BrowserTopics.ProfileAfterChange);
+ Services.obs.addObserver(this, TorTopics.ProcessIsReady);
+ }
+ },
+
+ /* wait for relevant life-cycle events to load and/or apply saved settings */
+ observe: async function(subject, topic, data) {
+ console.log(`TorSettings: observed ${topic}`);
+
+ // once the process is ready, we need to apply our settings
+ let handleProcessReady = async () => {
+ Services.obs.removeObserver(this, TorTopics.ProcessIsReady);
+ if (this._settings == null) {
+ // load settings from tor if our load in init() failed and save them to prefs
+ await this.loadLegacy();
+ this.saveToPrefs();
+ } else {
+ // push down settings to tor
+ await this.applySettings();
+ }
+ Services.obs.notifyObservers(null, TorSettingsTopics.Ready);
+ };
+
+ switch (topic) {
+ case BrowserTopics.ProfileAfterChange: {
+ if (TorProtocolService.torProcessStatus == TorProcessStatus.Running) {
+ await handleProcessReady();
+ }
+ }
+ break;
+ case TorTopics.ProcessIsReady: {
+ await handleProcessReady();
+ }
+ break;
+ }
+ },
+
+ // load our settings from old locations (misc prefs and from tor daemon)
+ // TODO: remove this after some time has elapsed to ensure users have migrated to pref settings
+ loadLegacy: async function() {
+ console.log("TorSettings: loadLegacy()");
+
+ let settings = this.defaultSettings();
+
+ /* Quickstart */
+ settings.quickstart.enabled = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false);
+
+ /* Bridges
+
+ So the way tor-launcher determines the origin of the configured bridges is a bit
+ weird and depends on inferring our scenario based on some firefox prefs and the
+ relationship between the saved list of bridges in about:config vs the list saved in torrc
+
+ first off, if "extensions.torlauncher.default_bridge_type" is set to one of our
+ builtin default types (obfs4, meek-azure, snowflake, etc) then we provide the
+ bridges in "extensions.torlauncher.default_bridge.*" (filtered by our default_bridge_type)
+
+ next, we compare the list of bridges saved in torrc to the bridges stored in the
+ "extensions.torlauncher.bridgedb_bridge."" branch. If they match *exactly* then we assume
+ the bridges were retrieved from BridgeDB and use those. If the torrc list is empty then we know
+ we have no bridge settings
+
+ finally, if none of the previous conditions are not met, it is assumed the bridges stored in
+ torrc are user-provided
+ */
+
+ let builtinType = Services.prefs.getCharPref(TorLauncherPrefs.default_bridge_type, null);
+
+ // check if source is built-in
+ if (builtinType) {
+ let builtinBridgeStrings = getBuiltinBridgeStrings(builtinType);
+ if (builtinBridgeStrings.length > 0) {
+ settings.bridges.enabled = true;
+ settings.bridges.source = TorBridgeSource.BuiltIn;
+ settings.bridges.builtin_type = builtinType;
+ settings.bridges.bridge_strings = builtinBridgeStrings;
+ }
+ } else {
+ // get our currently configured bridges from tor
+ let torrcBridgeStrings = await (async () => {
+ let bridgeList = await TorProtocolService.readStringArraySetting(TorConfigKeys.bridgeList);
+ let retval = [];
+ for (const line of bridgeList) {
+ let trimmedLine = line.trim();
+ if (trimmedLine) {
+ retval.push(trimmedLine);
+ }
+ }
+ return retval;
+ })();
+
+ // torrc has bridges configured
+ if (torrcBridgeStrings.length > 0) {
+ // compare tor's bridges to our saved bridgedb bridges
+ let bridgedbBBridgeStrings = (() => {
+ let bridgeBranch = Services.prefs.getBranch(TorLauncherPrefs.bridgedb_bridge);
+ let bridgeBranchPrefs = bridgeBranch.getChildList("");
+ // the child prefs do not come in any particular order so sort the keys
+ // so the values can be compared to what we get out off torrc
+ bridgeBranchPrefs.sort();
+
+ // just assume all of the prefs under the parent point to valid bridge string
+ let retval = bridgeBranchPrefs.map(key =>
+ bridgeBranch.getCharPref(key).trim()
+ );
+ return retval;
+ })();
+
+ let arraysEqual = (left, right) => {
+ if (left.length != right.length) {
+ return false;
+ }
+ const length = left.length;
+ for (let i = 0; i < length; ++i) {
+ if (left[i] != right[i]) {
+ return false;
+ }
+ }
+ return true;
+ };
+
+ if (arraysEqual(torrcBridgeStrings, bridgedbBBridgeStrings)) {
+ settings.bridges.enabled = true;
+ settings.bridges.source = TorBridgeSource.BridgeDB;
+ settings.bridges.builtin_type = null;
+ settings.bridges.bridge_strings = torrcBridgeStrings;
+ } else {
+ settings.bridges.enabled = true;
+ settings.bridges.source = TorBridgeSource.UserProvided;
+ settings.bridges.builtin_type = null;
+ settings.bridges.bridge_strings = torrcBridgeStrings;
+ }
+ } else {
+ // tor has no bridge strings saved, so bridges not in use
+ settings.bridges.enabled = false;
+ settings.bridges.source = TorBridgeSource.Invalid;
+ settings.bridges.builtin_type = null;
+ settings.bridges.bridge_strings = [];
+ }
+ }
+
+ /* Proxy */
+
+ let proxyString = null;
+ if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.socks4Proxy)) {
+ let [address, port] = parseAddrPort(proxyString);
+
+ settings.proxy.enabled = true;
+ settings.proxy.type = TorProxyType.Socks4;
+ settings.proxy.address = address;
+ settings.proxy.port = port;
+ settings.proxy.username = null;
+ settings.proxy.password = null;
+ } else if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.socks5Proxy)) {
+ let [address, port] = parseAddrPort(proxyString);
+ let username = await TorProtocolService.readStringSetting(TorConfigKeys.socks5ProxyUsername);
+ let password = await TorProtocolService.readStringSetting(TorConfigKeys.socks5ProxyPassword);
+
+ settings.proxy.enabled = true;
+ settings.proxy.type = TorProxyType.Socks5;
+ settings.proxy.address = address;
+ settings.proxy.port = port;
+ settings.proxy.username = username;
+ settings.proxy.password = password;
+ } else if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.httpsProxy)) {
+ let [address, port] = parseAddrPort(proxyString);
+ let authenticator = await TorProtocolService.readStringSetting(TorConfigKeys.httpsProxyAuthenticator);
+ let [username, password] = parseUsernamePassword(authenticator);
+
+ settings.proxy.enabled = true;
+ settings.proxy.type = TorProxyType.HTTPS;
+ settings.proxy.address = address;
+ settings.proxy.port = port;
+ settings.proxy.username = username;
+ settings.proxy.password = password;
+ } else {
+ settings.proxy.enabled = false;
+ settings.proxy.type = TorProxyType.Invalid;
+ settings.proxy.address = null;
+ settings.proxy.port = 0;
+ settings.proxy.username = null;
+ settings.proxy.password = null;
+ }
+
+ /* Firewall */
+ let firewallString = await TorProtocolService.readStringSetting(TorConfigKeys.reachableAddresses);
+ if (firewallString) {
+ let allowedPorts = parseAddrPortList(firewallString);
+ settings.firewall.enabled = allowedPorts.length > 0;
+ settings.firewall.allowed_ports = allowedPorts;
+ } else {
+ settings.firewall.enabled = false;
+ settings.firewall.allowed_ports = [];
+ }
+
+ this._settings = settings;
+
+ return this;
+ },
+
+ // load our settings from prefs
+ loadFromPrefs: function() {
+ console.log("TorSettings: loadFromPrefs()");
+
+ let settings = this.defaultSettings();
+
+ /* Quickstart */
+ settings.quickstart.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.quickstart.enabled);
+ /* Bridges */
+ settings.bridges.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.bridges.enabled);
+ if (settings.bridges.enabled) {
+ settings.bridges.source = Services.prefs.getIntPref(TorSettingsPrefs.bridges.source);
+ // builtin bridge (obfs4, meek, snowlfake, etc)
+ if (settings.bridges.source == TorBridgeSource.BuiltIn) {
+ let builtinType = Services.prefs.getStringPref(TorSettingsPrefs.bridges.builtin_type);
+ settings.bridges.builtin_type = builtinType;
+ // always dynamically load builtin bridges rather than loading the cached versions
+ // if the user upgrades and the builtin bridges have changed, we want to ensure the user
+ // can still bootstrap using the provided bridges
+ let bridgeStrings = getBuiltinBridgeStrings(builtinType);
+ if (bridgeStrings.length > 0) {
+ settings.bridges.bridge_strings = bridgeStrings;
+ } else {
+ // in this case the user is using a builtin bridge that is no longer supported,
+ // reset to settings to default values
+ settings.bridges.enabled = false;
+ settings.bridges.source = TorBridgeSource.Invalid;
+ settings.bridges.builtin_type = null;
+ }
+ } else {
+ settings.bridges.bridge_strings = [];
+ let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList("");
+ bridgeBranchPrefs.forEach(pref => {
+ let bridgeString = Services.prefs.getStringPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`);
+ settings.bridges.bridge_strings.push(bridgeString);
+ });
+ }
+ } else {
+ settings.bridges.source = TorBridgeSource.Invalid;
+ settings.bridges.builtin_type = null;
+ settings.bridges.bridge_strings = [];
+ }
+ /* Proxy */
+ settings.proxy.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.proxy.enabled);
+ if (settings.proxy.enabled) {
+ settings.proxy.type = Services.prefs.getIntPref(TorSettingsPrefs.proxy.type);
+ settings.proxy.address = Services.prefs.getStringPref(TorSettingsPrefs.proxy.address);
+ settings.proxy.port = Services.prefs.getIntPref(TorSettingsPrefs.proxy.port);
+ settings.proxy.username = Services.prefs.getStringPref(TorSettingsPrefs.proxy.username);
+ settings.proxy.password = Services.prefs.getStringPref(TorSettingsPrefs.proxy.password);
+ } else {
+ settings.proxy.type = TorProxyType.Invalid;
+ settings.proxy.address = null;
+ settings.proxy.port = 0;
+ settings.proxy.username = null;
+ settings.proxy.password = null;
+ }
+
+ /* Firewall */
+ settings.firewall.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.firewall.enabled);
+ if(settings.firewall.enabled) {
+ let portList = Services.prefs.getStringPref(TorSettingsPrefs.firewall.allowed_ports);
+ settings.firewall.allowed_ports = parsePortList(portList);
+ } else {
+ settings.firewall.allowed_ports = 0;
+ }
+
+ this._settings = settings;
+
+ return this;
+ },
+
+ // save our settings to prefs
+ saveToPrefs: function() {
+ console.log("TorSettings: saveToPrefs()");
+
+ let settings = this._settings;
+
+ /* Quickstart */
+ Services.prefs.setBoolPref(TorSettingsPrefs.quickstart.enabled, settings.quickstart.enabled);
+ /* Bridges */
+ Services.prefs.setBoolPref(TorSettingsPrefs.bridges.enabled, settings.bridges.enabled);
+ if (settings.bridges.enabled) {
+ Services.prefs.setIntPref(TorSettingsPrefs.bridges.source, settings.bridges.source);
+ if (settings.bridges.source === TorBridgeSource.BuiltIn) {
+ Services.prefs.setStringPref(TorSettingsPrefs.bridges.builtin_type, settings.bridges.builtin_type);
+ } else {
+ Services.prefs.clearUserPref(TorSettingsPrefs.bridges.builtin_type);
+ }
+ // erase existing bridge strings
+ let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList("");
+ bridgeBranchPrefs.forEach(pref => {
+ Services.prefs.clearUserPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`);
+ });
+ // write new ones
+ settings.bridges.bridge_strings.forEach((string, index) => {
+ Services.prefs.setStringPref(`${TorSettingsPrefs.bridges.bridge_strings}.${index}`, string);
+ });
+ } else {
+ Services.prefs.clearUserPref(TorSettingsPrefs.bridges.source);
+ Services.prefs.clearUserPref(TorSettingsPrefs.bridges.builtin_type);
+ let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList("");
+ bridgeBranchPrefs.forEach(pref => {
+ Services.prefs.clearUserPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`);
+ });
+ }
+ /* Proxy */
+ Services.prefs.setBoolPref(TorSettingsPrefs.proxy.enabled, settings.proxy.enabled);
+ if (settings.proxy.enabled) {
+ Services.prefs.setIntPref(TorSettingsPrefs.proxy.type, settings.proxy.type);
+ Services.prefs.setStringPref(TorSettingsPrefs.proxy.address, settings.proxy.address);
+ Services.prefs.setIntPref(TorSettingsPrefs.proxy.port, settings.proxy.port);
+ Services.prefs.setStringPref(TorSettingsPrefs.proxy.username, settings.proxy.username);
+ Services.prefs.setStringPref(TorSettingsPrefs.proxy.password, settings.proxy.password);
+ } else {
+ Services.prefs.clearUserPref(TorSettingsPrefs.proxy.type);
+ Services.prefs.clearUserPref(TorSettingsPrefs.proxy.address);
+ Services.prefs.clearUserPref(TorSettingsPrefs.proxy.port);
+ Services.prefs.clearUserPref(TorSettingsPrefs.proxy.username);
+ Services.prefs.clearUserPref(TorSettingsPrefs.proxy.password);
+ }
+ /* Firewall */
+ Services.prefs.setBoolPref(TorSettingsPrefs.firewall.enabled, settings.firewall.enabled);
+ if (settings.firewall.enabled) {
+ Services.prefs.setStringPref(TorSettingsPrefs.firewall.allowed_ports, settings.firewall.allowed_ports.join(","));
+ } else {
+ Services.prefs.clearUserPref(TorSettingsPrefs.firewall.allowed_ports);
+ }
+
+ // all tor settings now stored in prefs :)
+ Services.prefs.setBoolPref(TorSettingsPrefs.enabled, true);
+
+ return this;
+ },
+
+ // push our settings down to the tor daemon
+ applySettings: async function() {
+ console.log("TorSettings: applySettings()");
+ let settings = this._settings;
+ let settingsMap = new Map();
+
+ /* Bridges */
+ settingsMap.set(TorConfigKeys.useBridges, settings.bridges.enabled);
+ if (settings.bridges.enabled) {
+ settingsMap.set(TorConfigKeys.bridgeList, settings.bridges.bridge_strings);
+ } else {
+ // shuffle bridge list
+ settingsMap.set(TorConfigKeys.bridgeList, null);
+ }
+
+ /* Proxy */
+ settingsMap.set(TorConfigKeys.socks4Proxy, null);
+ settingsMap.set(TorConfigKeys.socks5Proxy, null);
+ settingsMap.set(TorConfigKeys.socks5ProxyUsername, null);
+ settingsMap.set(TorConfigKeys.socks5ProxyPassword, null);
+ settingsMap.set(TorConfigKeys.httpsProxy, null);
+ settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, null);
+ if (settings.proxy.enabled) {
+ let address = settings.proxy.address;
+ let port = settings.proxy.port;
+ let username = settings.proxy.username;
+ let password = settings.proxy.password;
+
+ switch (settings.proxy.type) {
+ case TorProxyType.Socks4:
+ settingsMap.set(TorConfigKeys.socks4Proxy, `${address}:${port}`);
+ break;
+ case TorProxyType.Socks5:
+ settingsMap.set(TorConfigKeys.socks5Proxy, `${address}:${port}`);
+ settingsMap.set(TorConfigKeys.socks5ProxyUsername, username);
+ settingsMap.set(TorConfigKeys.socks5ProxyPassword, password);
+ break;
+ case TorProxyType.HTTPS:
+ settingsMap.set(TorConfigKeys.httpsProxy, `${address}:${port}`);
+ settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, `${username}:${password}`);
+ break;
+ }
+ }
+
+ /* Firewall */
+ if (settings.firewall.enabled) {
+ let reachableAddresses = settings.firewall.allowed_ports.map(port => `*:${port}`).join(",");
+ settingsMap.set(TorConfigKeys.reachableAddresses, reachableAddresses);
+ } else {
+ settingsMap.set(TorConfigKeys.reachableAddresses, null);
+ }
+
+ /* Push to Tor */
+ await TorProtocolService.writeSettings(settingsMap);
+
+ return this;
+ },
+
+ /* Getters and Setters */
+
+
+ // Quickstart
+ get quickstart() {
+ return {
+ // Avoid a race-condition on first-start where this property
+ // may be accessed before `self._settings` is initialized.
+ // This work-around can be removed when #40598 is resolved.
+ get enabled() { return (self._settings ? self._settings.quickstart.enabled : false); },
+ set enabled(val) {
+ if (val != self._settings.quickstart.enabled)
+ {
+ self._settings.quickstart.enabled = val;
+ Services.obs.notifyObservers({value: val}, TorSettingsTopics.SettingChanged, TorSettingsData.QuickStartEnabled);
+ }
+ },
+ };
+ },
+
+ // Bridges
+ get bridges() {
+ return {
+ get enabled() { return self._settings.bridges.enabled; },
+ set enabled(val) {
+ self._settings.bridges.enabled = val;
+ // reset bridge settings
+ self._settings.bridges.source = TorBridgeSource.Invalid;
+ self._settings.bridges.builtin_type = null;
+ self._settings.bridges.bridge_strings = [];
+ },
+ get source() { return self._settings.bridges.source; },
+ set source(val) { self._settings.bridges.source = val; },
+ get builtin_type() { return self._settings.bridges.builtin_type; },
+ set builtin_type(val) {
+ let bridgeStrings = getBuiltinBridgeStrings(val);
+ if (bridgeStrings.length > 0) {
+ self._settings.bridges.builtin_type = val;
+ self._settings.bridges.bridge_strings = bridgeStrings;
+ }
+ },
+ get bridge_strings() { return arrayCopy(self._settings.bridges.bridge_strings); },
+ set bridge_strings(val) {
+ self._settings.bridges.bridge_strings = parseBridgeStrings(val);
+ },
+ };
+ },
+
+ // Proxy
+ get proxy() {
+ return {
+ get enabled() { return self._settings.proxy.enabled; },
+ set enabled(val) {
+ self._settings.proxy.enabled = val;
+ // reset proxy settings
+ self._settings.proxy.type = TorProxyType.Invalid;
+ self._settings.proxy.address = null;
+ self._settings.proxy.port = 0;
+ self._settings.proxy.username = null;
+ self._settings.proxy.password = null;
+ },
+ get type() { return self._settings.proxy.type; },
+ set type(val) { self._settings.proxy.type = val; },
+ get address() { return self._settings.proxy.address; },
+ set address(val) { self._settings.proxy.address = val; },
+ get port() { return arrayCopy(self._settings.proxy.port); },
+ set port(val) { self._settings.proxy.port = parsePort(val); },
+ get username() { return self._settings.proxy.username; },
+ set username(val) { self._settings.proxy.username = val; },
+ get password() { return self._settings.proxy.password; },
+ set password(val) { self._settings.proxy.password = val; },
+ get uri() {
+ switch (this.type) {
+ case TorProxyType.Socks4:
+ return `socks4a://${this.address}:${this.port}`;
+ case TorProxyType.Socks5:
+ if (this.username) {
+ return `socks5://${this.username}:${this.password}@${this.address}:${this.port}`;
+ }
+ return `socks5://${this.address}:${this.port}`;
+ case TorProxyType.HTTPS:
+ if (this._proxyUsername) {
+ return `http://${this.username}:${this.password}@${this.address}:${this.port}`;
+ }
+ return `http://${this.address}:${this.port}`;
+ }
+ return null;
+ },
+ };
+ },
+
+ // Firewall
+ get firewall() {
+ return {
+ get enabled() { return self._settings.firewall.enabled; },
+ set enabled(val) {
+ self._settings.firewall.enabled = val;
+ // reset firewall settings
+ self._settings.firewall.allowed_ports = [];
+ },
+ get allowed_ports() { return self._settings.firewall.allowed_ports; },
+ set allowed_ports(val) { self._settings.firewall.allowed_ports = parsePortList(val); },
+ };
+ },
+ };
+ self.init();
+ return self;
+})();
diff --git a/browser/modules/moz.build b/browser/modules/moz.build
index 1ea57aba1a93..8c001d4ac6ed 100644
--- a/browser/modules/moz.build
+++ b/browser/modules/moz.build
@@ -156,6 +156,7 @@ EXTRA_JS_MODULES += [
'TorConnect.jsm',
'TorProcessService.jsm',
"TorProtocolService.jsm",
+ "TorSettings.jsm",
"TorStrings.jsm",
"TransientPrefs.jsm",
"webrtcUI.jsm",
diff --git a/toolkit/components/processsingleton/MainProcessSingleton.jsm b/toolkit/components/processsingleton/MainProcessSingleton.jsm
index 62afa98e1ffc..ba8cd0f3f97d 100644
--- a/toolkit/components/processsingleton/MainProcessSingleton.jsm
+++ b/toolkit/components/processsingleton/MainProcessSingleton.jsm
@@ -24,6 +24,11 @@ MainProcessSingleton.prototype = {
null
);
+ ChromeUtils.import(
+ "resource:///modules/TorSettings.jsm",
+ null
+ );
+
ChromeUtils.import(
"resource:///modules/TorConnect.jsm",
null
diff --git a/toolkit/modules/AsyncPrefs.jsm b/toolkit/modules/AsyncPrefs.jsm
index dd713af8b507..b1a7c8c57ec7 100644
--- a/toolkit/modules/AsyncPrefs.jsm
+++ b/toolkit/modules/AsyncPrefs.jsm
@@ -20,7 +20,6 @@ const kAllowedPrefs = new Set([
"browser.contentblocking.report.hide_vpn_banner",
"browser.contentblocking.report.show_mobile_app",
- "extensions.torlauncher.quickstart",
"narrate.rate",
"narrate.voice",
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] fixup! Bug 27477: Implement about:torconnect captive portal within Tor Browser
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit e15b3cababedf807c2558404e6c13ed953611752
Author: Matthew Finkel <sysrqb(a)torproject.org>
Date: Fri Sep 3 03:52:25 2021 +0000
fixup! Bug 27477: Implement about:torconnect captive portal within Tor Browser
This reverts commit ff3b679987ee9d5515508d94d78ed28166706249.
---
browser/modules/TorConnect.jsm | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/browser/modules/TorConnect.jsm b/browser/modules/TorConnect.jsm
index e7b8b364db86..ddc14148eb88 100644
--- a/browser/modules/TorConnect.jsm
+++ b/browser/modules/TorConnect.jsm
@@ -167,19 +167,19 @@ const TorConnect = (() => {
/* Initial is never transitioned to */
[TorConnectState.Initial, null],
/* Configuring */
- [TorConnectState.Configuring, (self, prevState) => {
+ [TorConnectState.Configuring, async (self, prevState) => {
// TODO move this to the transition function
if (prevState === TorConnectState.Bootstrapping) {
- TorProtocolService.torStopBootstrap();
+ await TorProtocolService.torStopBootstrap();
}
}],
/* AutoConfiguring */
- [TorConnectState.AutoConfiguring, (self, prevState) => {
+ [TorConnectState.AutoConfiguring, async (self, prevState) => {
}],
/* Bootstrapping */
- [TorConnectState.Bootstrapping, (self, prevState) => {
- let error = TorProtocolService.connect();
+ [TorConnectState.Bootstrapping, async (self, prevState) => {
+ let error = await TorProtocolService.connect();
if (error) {
self.onError(error.message, error.details);
} else {
@@ -187,12 +187,12 @@ const TorConnect = (() => {
}
}],
/* Bootstrapped */
- [TorConnectState.Bootstrapped, (self,prevState) => {
+ [TorConnectState.Bootstrapped, async (self,prevState) => {
// notify observers of bootstrap completion
Services.obs.notifyObservers(null, TorConnectTopics.BootstrapComplete);
}],
/* Error */
- [TorConnectState.Error, (self, prevState, errorMessage, errorDetails, fatal) => {
+ [TorConnectState.Error, async (self, prevState, errorMessage, errorDetails, fatal) => {
self._errorMessage = errorMessage;
self._errorDetails = errorDetails;
@@ -204,7 +204,7 @@ const TorConnect = (() => {
}
}],
/* FatalError */
- [TorConnectState.FatalError, (self, prevState) => {
+ [TorConnectState.FatalError, async (self, prevState) => {
Services.obs.notifyObservers(null, TorConnectTopics.FatalError);
}],
/* Disabled */
@@ -213,7 +213,7 @@ const TorConnect = (() => {
}],
])),
- _changeState: function(newState, ...args) {
+ _changeState: async function(newState, ...args) {
const prevState = this._state;
// ensure this is a valid state transition
@@ -228,7 +228,7 @@ const TorConnect = (() => {
this._state = newState;
// call our transition function and forward any args
- this._transitionCallbacks.get(newState)(this, prevState, ...args);
+ await this._transitionCallbacks.get(newState)(this, prevState, ...args);
Services.obs.notifyObservers({state: newState}, TorConnectTopics.StateChange);
},
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] Bug 40253: Explicitly allow NoScript in Private Browsing mode.
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit c79d5dda0c9531bc79fee05edd48c381789d39a6
Author: Matthew Finkel <sysrqb(a)torproject.org>
Date: Fri Sep 3 14:58:28 2021 +0000
Bug 40253: Explicitly allow NoScript in Private Browsing mode.
---
toolkit/components/extensions/Extension.jsm | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/toolkit/components/extensions/Extension.jsm b/toolkit/components/extensions/Extension.jsm
index 69833684ca53..60b610768dfb 100644
--- a/toolkit/components/extensions/Extension.jsm
+++ b/toolkit/components/extensions/Extension.jsm
@@ -2644,6 +2644,15 @@ class Extension extends ExtensionData {
this.permissions.add(PRIVATE_ALLOWED_PERMISSION);
}
+ // Bug 40253: Explicitly allow NoScript in Private Browsing mode.
+ if (this.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}") {
+ ExtensionPermissions.add(this.id, {
+ permissions: [PRIVATE_ALLOWED_PERMISSION],
+ origins: [],
+ });
+ this.permissions.add(PRIVATE_ALLOWED_PERMISSION);
+ }
+
// We only want to update the SVG_CONTEXT_PROPERTIES_PERMISSION during install and
// upgrade/downgrade startups.
if (INSTALL_AND_UPDATE_STARTUP_REASONS.has(this.startupReason)) {
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] Bug 40483: Temporarily redirect DW's v2 address to their new v3 address
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit 7ab6b90cb0971d1d88eaa4d30496cd36c0f2ac92
Author: Matthew Finkel <sysrqb(a)torproject.org>
Date: Mon Oct 4 22:45:56 2021 +0000
Bug 40483: Temporarily redirect DW's v2 address to their new v3 address
---
docshell/base/nsDocShell.cpp | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index c86fed307be6..080754c938b8 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -5990,6 +5990,7 @@ already_AddRefed<nsIURI> nsDocShell::AttemptURIFixup(
bool aNotifyKeywordSearchLoading, nsIInputStream** aNewPostData) {
if (aStatus != NS_ERROR_UNKNOWN_HOST && aStatus != NS_ERROR_NET_RESET &&
aStatus != NS_ERROR_CONNECTION_REFUSED &&
+ aStatus != NS_ERROR_TOR_ONION_SVC_BAD_ADDRESS &&
aStatus !=
mozilla::psm::GetXPCOMFromNSSError(SSL_ERROR_BAD_CERT_DOMAIN)) {
return nullptr;
@@ -6137,6 +6138,18 @@ already_AddRefed<nsIURI> nsDocShell::AttemptURIFixup(
}
}
}
+ } else if (aStatus == NS_ERROR_TOR_ONION_SVC_BAD_ADDRESS) {
+ // Bug 40483: Temporarily redirect DW's v2 address to their new v3 address
+ constexpr auto kV2DW = "dwnewsvdyyiamwnp.onion"_ns;
+ constexpr auto kV3DW = "dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion"_ns;
+ nsAutoCString host;
+ newURI = nullptr;
+ Unused << url->GetHost(host);
+ if (StringEndsWith(host, kV2DW)) {
+ auto& subdomains = Substring(host, 0, host.Length() - kV2DW.Length());
+ Unused << NS_MutateURI(url).SetHost(subdomains + kV3DW).Finalize(
+ getter_AddRefs(newURI));
+ }
} else if (aStatus == NS_ERROR_CONNECTION_REFUSED &&
Preferences::GetBool("browser.fixup.fallback-to-https", false)) {
// Try HTTPS, since http didn't work
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] fixup! TB4: Tor Browser's Firefox preference overrides.
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit 40a198125394de9e3ae5b6a4237c8987f4557adc
Author: Matthew Finkel <sysrqb(a)torproject.org>
Date: Tue Nov 2 20:42:40 2021 +0000
fixup! TB4: Tor Browser's Firefox preference overrides.
---
browser/app/profile/000-tor-browser.js | 1 +
1 file changed, 1 insertion(+)
diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
index 867bcf2b662f..0011f4d72c9d 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -201,6 +201,7 @@ pref("dom.textMetrics.baselines.enabled", false);
pref("dom.textMetrics.emHeight.enabled", false);
pref("dom.textMetrics.fontBoundingBox.enabled", false);
pref("pdfjs.enableScripting", false);
+pref("javascript.options.large_arraybuffers", false);
// Third party stuff
pref("privacy.firstparty.isolate", true); // Always enforce first party isolation
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] squash! TB4: Tor Browser's Firefox preference overrides.
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit 94bff64eab46f9aa85b246c576120f652467382b
Author: Matthew Finkel <sysrqb(a)torproject.org>
Date: Mon Nov 1 16:28:22 2021 +0000
squash! TB4: Tor Browser's Firefox preference overrides.
Bug 40177: Update prefs for Fx91esr
---
browser/app/profile/000-tor-browser.js | 29 ++++++++++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
index 0952a3ad5cfc..ed8c4c8c80dd 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -53,6 +53,9 @@ pref("permissions.memory_only", true);
pref("network.cookie.lifetimePolicy", 2);
pref("security.nocertdb", true);
+// Enabled LSNG
+pref("dom.storage.next_gen", true);
+
// Disk activity: TBB Directory Isolation
pref("browser.download.useDownloadDir", false);
pref("browser.shell.checkDefaultBrowser", false);
@@ -119,11 +122,12 @@ pref("privacy.annotate_channels.strict_list.enabled", false);
// Disable the Pocket extension (Bug #18886 and #31602)
pref("extensions.pocket.enabled", false);
-pref("network.http.referer.hideOnionSource", true);
// Disable use of WiFi location information
pref("browser.region.network.scan", false);
pref("browser.region.network.url", "");
+// Bug 40083: Make sure Region.jsm fetching is disabled
+pref("browser.region.update.enabled", false);
// Don't load Mozilla domains in a separate tab process
pref("browser.tabs.remote.separatedMozillaDomains", "");
@@ -177,6 +181,8 @@ pref("dom.w3c_pointer_events.enabled", false);
pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now
// Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575)
pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now
+// Disable SAB, no matter if the sites are cross-origin isolated.
+pref("dom.postMessage.sharedArrayBuffer.withCOOP_COEP", false);
// Disable intermediate preloading (Bug 30682)
pref("security.remote_settings.intermediates.enabled", false);
// Bug 2874: Block Components.interfaces from content
@@ -190,8 +196,17 @@ pref("privacy.resistFingerprinting.letterboxing", true);
pref("dom.netinfo.enabled", false);
pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status
pref("media.videocontrols.picture-in-picture.enabled", false); // Bug 40148: disable until audited in #40147
+pref("network.http.referer.hideOnionSource", true);
+// Bug 40463: Disable Windows SSO
+pref("network.http.windows-sso.enabled", false);
// Bug 40383: Disable new PerformanceEventTiming
pref("dom.enable_event_timing", false);
+// Disable API for measuring text width and height.
+pref("dom.textMetrics.actualBoundingBox.enabled", false);
+pref("dom.textMetrics.baselines.enabled", false);
+pref("dom.textMetrics.emHeight.enabled", false);
+pref("dom.textMetrics.fontBoundingBox.enabled", false);
+pref("pdfjs.enableScripting", false);
// Third party stuff
pref("privacy.firstparty.isolate", true); // Always enforce first party isolation
@@ -199,6 +214,8 @@ pref("privacy.partition.network_state", false); // Disable for now until audit
pref("network.cookie.cookieBehavior", 1);
pref("network.http.spdy.allow-push", false); // Disabled for now. See https://bugs.torproject.org/27127
pref("network.predictor.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16633
+// Bug 40177: Make sure tracker cookie purging is disabled
+pref("privacy.purge_trackers.enabled", false);
// Proxy and proxy security
pref("network.proxy.socks", "127.0.0.1");
@@ -207,6 +224,8 @@ pref("network.proxy.socks_remote_dns", true);
pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
pref("network.proxy.type", 1);
+// Bug 40548: Disable proxy-bypass
+pref("network.proxy.failover_direct", false);
pref("network.security.ports.banned", "9050,9051,9150,9151");
pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks
pref("network.dns.disablePrefetch", true);
@@ -307,6 +326,8 @@ pref("extensions.legacy.exceptions", "{972ce4c6-7e08-4474-a285-3208198ce6fd},tor
pref("extensions.webextensions.restrictedDomains", "");
// Bug 28896: Make sure our bundled WebExtensions are running in Private Browsing Mode
pref("extensions.allowPrivateBrowsingByDefault", true);
+// Don't give Mozilla-recommended third-party extensions special privileges.
+pref("extensions.postDownloadThirdPartyPrompt", false);
// Toolbar layout
pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\",\"https-everywhere-eff_eff_org-browser-action\",\"_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount
\":1}");
@@ -314,6 +335,9 @@ pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-
// Enforce certificate pinning, see: https://bugs.torproject.org/16206
pref("security.cert_pinning.enforcement_level", 2);
+// Don't load OS client certs.
+pref("security.osclientcerts.autoload", false);
+
// Don't allow MitM via Microsoft Family Safety, see bug 21686
pref("security.family_safety.mode", 0);
@@ -453,6 +477,9 @@ pref("extensions.torbutton.pref_fixup_version", 0);
#ifdef MOZ_BUNDLED_FONTS
+// Bug 40342: Always use bundled fonts
+pref("gfx.bundled-fonts.activate", 1);
+
#ifdef XP_MACOSX
pref("font.system.whitelist", "AppleGothic, Apple Color Emoji, Arial, Courier, Geneva, Georgia, Heiti TC, Helvetica, Helvetica Neue, .Helvetica Neue DeskInterface, Hiragino Kaku Gothic ProN, Lucida Grande, Monaco, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi, STHeiti, STIX Math, Tahoma, Thonburi, Times, Times New Roman, Verdana");
pref("font.name-list.cursive.x-unicode", "Apple Chancery, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi");
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] fixup! TB4: Tor Browser's Firefox preference overrides.
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit ae322f3e7a10be7445b5c5d592ae002ce7040267
Author: Matthew Finkel <sysrqb(a)torproject.org>
Date: Mon Nov 1 20:29:48 2021 +0000
fixup! TB4: Tor Browser's Firefox preference overrides.
---
browser/app/profile/000-tor-browser.js | 25 -------------------------
1 file changed, 25 deletions(-)
diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
index ed8c4c8c80dd..867bcf2b662f 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -48,7 +48,6 @@ pref("browser.disableResetPrompt", true);
// Disk activity: Disable Browsing History Storage
pref("browser.privatebrowsing.autostart", true);
pref("browser.cache.disk.enable", false);
-pref("browser.cache.offline.enable", false);
pref("permissions.memory_only", true);
pref("network.cookie.lifetimePolicy", 2);
pref("security.nocertdb", true);
@@ -69,8 +68,6 @@ pref("browser.sessionstore.privacy_level", 2);
// Use the in-memory media cache and increase its maximum size (#29120)
pref("browser.privatebrowsing.forceMediaMemoryCache", true);
pref("media.memory_cache_max_size", 16384);
-// Disable site-specific browsing to avoid sharing site icons with the OS.
-pref("browser.ssb.enabled", false);
// Misc privacy: Remote
pref("browser.send_pings", false);
@@ -164,7 +161,6 @@ pref("dom.serviceWorkers.enabled", false);
pref("dom.push.enabled", false);
// Fingerprinting
-pref("webgl.disable-extensions", true);
pref("webgl.disable-fail-if-major-performance-caveat", true);
pref("webgl.enable-webgl2", false);
pref("gfx.downloadable_fonts.fallback_delay", -1);
@@ -177,9 +173,7 @@ pref("privacy.resistFingerprinting", true);
pref("privacy.resistFingerprinting.block_mozAddonManager", true); // Bug 26114
pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API
pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API
-pref("dom.w3c_pointer_events.enabled", false);
pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now
-// Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575)
pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now
// Disable SAB, no matter if the sites are cross-origin isolated.
pref("dom.postMessage.sharedArrayBuffer.withCOOP_COEP", false);
@@ -241,8 +235,6 @@ pref("network.protocol-handler.warn-external.snews", true);
// Make sure we don't have any GIO supported protocols (defense in depth
// measure)
pref("network.gio.supported-protocols", "");
-pref("plugin.disable", true); // Disable to search plugins on first start
-pref("plugin.state.flash", 0); // Disable for defense-in-depth
pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces
// Disables media devices but only if `media.peerconnection.enabled` is set to
// `false` as well. (see bug 16328 for this defense-in-depth measure)
@@ -278,9 +270,6 @@ pref("network.file.disable_unc_paths", true);
// Enhance our treatment of file:// to avoid proxy bypasses (see Mozilla's bug
// 1412081)
pref("network.file.path_blacklist", "/net");
-// Make sure no enterprise policy can interfere with our proxy settings, see
-// #29916.
-pref("browser.policies.testing.disallowEnterprise", true);
// Security slider
pref("svg.in-content.enabled", true);
@@ -308,24 +297,15 @@ pref("extensions.autoDisableScopes", 0);
pref("extensions.bootstrappedAddons", "{}");
pref("extensions.checkCompatibility.4.*", false);
pref("extensions.databaseSchema", 3);
-pref("extensions.enabledAddons", "https-everywhere%40eff.org:3.1.4,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5");
-pref("extensions.enabledItems", "langpack-en-US@firefox.mozilla.org:,{73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57,{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8");
pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4
pref("extensions.pendingOperations", false);
-pref("xpinstall.whitelist.add", "");
-pref("xpinstall.whitelist.add.36", "");
// We don't know what extensions Mozilla is advertising to our users and we
// don't want to have some random Google Analytics script running either on the
// about:addons page, see bug 22073, 22900 and 31601.
pref("extensions.getAddons.showPane", false);
pref("extensions.htmlaboutaddons.recommendations.enabled", false);
-// Show our legacy extensions directly on about:addons and get rid of the
-// warning for the default theme.
-pref("extensions.legacy.exceptions", "{972ce4c6-7e08-4474-a285-3208198ce6fd},torbutton(a)torproject.org");
// Bug 26114: Allow NoScript to access addons.mozilla.org etc.
pref("extensions.webextensions.restrictedDomains", "");
-// Bug 28896: Make sure our bundled WebExtensions are running in Private Browsing Mode
-pref("extensions.allowPrivateBrowsingByDefault", true);
// Don't give Mozilla-recommended third-party extensions special privileges.
pref("extensions.postDownloadThirdPartyPrompt", false);
@@ -355,11 +335,6 @@ pref("security.certerrors.mitm.auto_enable_enterprise_roots", false);
pref("extensions.langpacks.signatures.required", false);
#endif
-// Avoid report TLS errors to Mozilla. We might want to repurpose this feature
-// one day to help detecting bad relays (which is bug 19119). For now we just
-// hide the checkbox, see bug 22072.
-pref("security.ssl.errorReporting.enabled", false);
-
// Workaround for https://bugs.torproject.org/13579. Progress on
// `about:downloads` is only shown if the following preference is set to `true`
// in case the download panel got removed from the toolbar.
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] Bug 1728536 - Fix compilation error with `--disable-maintenance-service`. r?#application-update-reviewers
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit b87798e5fd84d93b197a1a1c8419e34b8e0bae17
Author: Nick Alexander <nalexander(a)mozilla.com>
Date: Mon Sep 27 17:10:27 2021 +0000
Bug 1728536 - Fix compilation error with `--disable-maintenance-service`. r?#application-update-reviewers
This was a regression from Bug 1658711.
Differential Revision: https://phabricator.services.mozilla.com/D126715
---
toolkit/mozapps/update/updater/updater.cpp | 2 ++
1 file changed, 2 insertions(+)
diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp
index ddbcdf5cc22a..68d7186bbc4b 100644
--- a/toolkit/mozapps/update/updater/updater.cpp
+++ b/toolkit/mozapps/update/updater/updater.cpp
@@ -3679,6 +3679,7 @@ int NS_main(int argc, NS_tchar** argv) {
# endif
}
+# ifdef MOZ_MAINTENANCE_SERVICE
// If we started the elevated updater, and it finished, check the secure
// update status file to make sure that it succeeded, and if it did we
// need to launch the PostUpdate process in the unelevated updater which
@@ -3696,6 +3697,7 @@ int NS_main(int argc, NS_tchar** argv) {
}
}
}
+# endif
CloseHandle(elevatedFileHandle);
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] TB3: Tor Browser's official .mozconfigs.
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit c4498a200329fd180b850c6858659a05652f0f8a
Author: Mike Perry <mikeperry-git(a)torproject.org>
Date: Mon May 6 15:51:06 2013 -0700
TB3: Tor Browser's official .mozconfigs.
Also:
Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24
Changes needed to build Mac in 64bit
Bug 10715: Enable Webgl for mingw-w64 again.
Disable ICU when cross-compiling; clean-up.
Bug 15773: Enable ICU on OS X
Bug 15990: Don't build the sandbox with mingw-w64
Bug 12761: Switch to ESR 38 for OS X
Updating .mozconfig-asan
Bug 12516: Compile hardenend Tor Browser with -fwrapv
Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 13419: Add back ICU for Windows
Bug 21239: Use GTK2 for ESR52 Linux builds
Bug 23025: Add hardening flags for macOS
Bug 24478: Enable debug assertions and tests in our ASan builds
--enable-proxy-bypass-protection
Bug 27597: ASan build option in tor-browser-build is broken
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds
Add an --enable-tor-browser-data-outside-app-dir configure option
Add --with-tor-browser-version configure option
Bug 21849: Don't allow SSL key logging.
Bug 31457: disable per-installation profiles
The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.
Bug 31935: Disable profile downgrade protection.
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 25741 - TBA: Disable features at compile-time
MOZ_NATIVE_DEVICES for casting and the media player
MOZ_TELEMETRY_REPORTING for telemetry
MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo)
Bug 25741 - TBA: Add default configure options in dedicated file
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 29859: Disable HLS support for now
Add --disable-tor-launcher build option
Add --enable-tor-browser-update build option
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40107: Adapt .mozconfig-asan for ESR 78
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
---
.mozconfig | 39 ++++++++++++++++++++++++
.mozconfig-android | 36 ++++++++++++++++++++++
.mozconfig-asan | 45 ++++++++++++++++++++++++++++
.mozconfig-mac | 56 +++++++++++++++++++++++++++++++++++
.mozconfig-mingw | 31 +++++++++++++++++++
browser/base/moz.build | 3 ++
browser/installer/Makefile.in | 8 +++++
browser/moz.configure | 8 ++---
build/moz.configure/old.configure | 5 ++++
mobile/android/confvars.sh | 9 ++++++
mobile/android/geckoview/build.gradle | 1 +
mobile/android/moz.configure | 21 +++++++++++--
mobile/android/torbrowser.configure | 30 +++++++++++++++++++
old-configure.in | 49 ++++++++++++++++++++++++++++++
security/moz.build | 2 +-
security/nss/lib/ssl/Makefile | 2 +-
toolkit/modules/AppConstants.jsm | 15 ++++++++++
toolkit/modules/moz.build | 3 ++
18 files changed, 355 insertions(+), 8 deletions(-)
diff --git a/.mozconfig b/.mozconfig
new file mode 100755
index 000000000000..18cd1f9b6487
--- /dev/null
+++ b/.mozconfig
@@ -0,0 +1,39 @@
+. $topsrcdir/browser/config/mozconfig
+
+# This mozconfig file is not used in official Tor Browser builds.
+# It is only intended to be used when doing incremental Linux builds
+# during development. The platform-specific mozconfig configuration
+# files used in official Tor Browser releases can be found in the
+# tor-browser-build repo:
+# https://gitweb.torproject.org/builders/tor-browser-build.git/
+# under:
+# tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Let's support GTK3 for ESR60
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+ac_add_options --disable-tor-launcher
+ac_add_options --with-tor-browser-version=dev-build
+ac_add_options --disable-tor-browser-update
diff --git a/.mozconfig-android b/.mozconfig-android
new file mode 100755
index 000000000000..50015ec615ef
--- /dev/null
+++ b/.mozconfig-android
@@ -0,0 +1,36 @@
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-arm-linux-androideabi
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Android
+ac_add_options --enable-application=mobile/android
+ac_add_options --target=arm-linux-androideabi
+ac_add_options --with-android-ndk="$NDK_BASE" #Enter the android ndk location(ndk r17b)
+ac_add_options --with-android-sdk="$SDK_BASE" #Enter the android sdk location
+ac_add_options --with-branding=mobile/android/branding/alpha
+
+# Use Mozilla's Clang blobs
+CC="$HOME/.mozbuild/clang/bin/clang"
+CXX="$HOME/.mozbuild/clang/bin/clang++"
+
+#enable ccache to set amount of cache assigned for build.
+ac_add_options --with-ccache
+
+ac_add_options --enable-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-rust-debug
+
+ac_add_options --disable-updater
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-asan b/.mozconfig-asan
new file mode 100644
index 000000000000..98ea6ac6f3fe
--- /dev/null
+++ b/.mozconfig-asan
@@ -0,0 +1,45 @@
+. $topsrcdir/browser/config/mozconfig
+
+export CFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+export CXXFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+# We need to add -ldl explicitely due to bug 1213698
+export LDFLAGS="-fsanitize=address -ldl"
+
+# Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
+# (which is part of mar-tools and is not distributed to end-users) with
+# ASan. See bug 17858.
+export HOST_CFLAGS=""
+export HOST_CXXFLAGS=""
+export HOST_LDFLAGS="-ldl"
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+export BINDGEN_CFLAGS='--gcc-toolchain=/var/tmp/dist/gcc'
+
+ac_add_options --enable-address-sanitizer
+ac_add_options --disable-jemalloc
+ac_add_options --disable-elf-hack
+ac_add_options --with-clang-path=/var/tmp/dist/clang/bin/clang
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Let's support GTK3 for ESR60
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --enable-tor-browser-update
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-mac b/.mozconfig-mac
new file mode 100644
index 000000000000..26e2b6b92fdb
--- /dev/null
+++ b/.mozconfig-mac
@@ -0,0 +1,56 @@
+# ld needs libLTO.so from llvm
+mk_add_options "export LD_LIBRARY_PATH=$topsrcdir/clang/lib"
+
+CROSS_CCTOOLS_PATH=$topsrcdir/cctools
+CROSS_SYSROOT=$topsrcdir/MacOSX10.7.sdk
+CROSS_PRIVATE_FRAMEWORKS=$CROSS_SYSROOT/System/Library/PrivateFrameworks
+HARDENING_FLAGS="-Werror=format -Werror=format-security -fstack-protector-strong -D_FORTIFY_SOURCE=2"
+FLAGS="-target x86_64-apple-darwin10 -mlinker-version=136 -B $CROSS_CCTOOLS_PATH/bin -isysroot $CROSS_SYSROOT $HARDENING_FLAGS"
+
+export CC="$topsrcdir/clang/bin/clang $FLAGS"
+export CXX="$topsrcdir/clang/bin/clang++ $FLAGS"
+export CPP="$topsrcdir/clang/bin/clang $FLAGS -E"
+export LLVMCONFIG=$topsrcdir/clang/bin/llvm-config
+export LDFLAGS="-Wl,-syslibroot,$CROSS_SYSROOT -Wl,-dead_strip -Wl,-pie"
+export TOOLCHAIN_PREFIX=$CROSS_CCTOOLS_PATH/bin/x86_64-apple-darwin10-
+#TODO: bug 1184202 - would be nice if these could be detected with TOOLCHAIN_PREFIX automatically
+export AR=${TOOLCHAIN_PREFIX}ar
+export RANLIB=${TOOLCHAIN_PREFIX}ranlib
+export STRIP=${TOOLCHAIN_PREFIX}strip
+export OTOOL=${TOOLCHAIN_PREFIX}otool
+export DSYMUTIL=$topsrcdir/clang/bin/llvm-dsymutil
+
+export HOST_CC="$topsrcdir/clang/bin/clang"
+export HOST_CXX="$topsrcdir/clang/bin/clang++"
+export HOST_CPP="$topsrcdir/clang/bin/clang -E"
+export HOST_CFLAGS="-g"
+export HOST_CXXFLAGS="-g"
+export HOST_LDFLAGS="-g"
+
+ac_add_options --target=x86_64-apple-darwin
+ac_add_options --with-macos-private-frameworks=$CROSS_PRIVATE_FRAMEWORKS
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-macos
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-application=browser
+ac_add_options --enable-strip
+ac_add_options --enable-official-branding
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --disable-debug
+
+ac_add_options --enable-tor-browser-data-outside-app-dir
+ac_add_options --enable-tor-browser-update
+
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-tests
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-mingw b/.mozconfig-mingw
new file mode 100644
index 000000000000..3ec6ff18a3e9
--- /dev/null
+++ b/.mozconfig-mingw
@@ -0,0 +1,31 @@
+CROSS_COMPILE=1
+
+ac_add_options --enable-application=browser
+ac_add_options --target=i686-w64-mingw32
+ac_add_options --with-toolchain-prefix=i686-w64-mingw32-
+ac_add_options --enable-default-toolkit=cairo-windows
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-mingw
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --disable-debug
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-strip
+ac_add_options --enable-official-branding
+
+ac_add_options --enable-tor-browser-update
+ac_add_options --disable-bits-download
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --disable-crashreporter
+ac_add_options --disable-maintenance-service
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-tests
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+ac_add_options --disable-default-browser-agent
diff --git a/browser/base/moz.build b/browser/base/moz.build
index 4058d6d86fea..ee3bc8028b9e 100644
--- a/browser/base/moz.build
+++ b/browser/base/moz.build
@@ -81,6 +81,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] in ("windows", "gtk", "cocoa"):
if CONFIG["MOZ_WIDGET_TOOLKIT"] in ("windows", "gtk"):
DEFINES["MENUBAR_CAN_AUTOHIDE"] = 1
+if CONFIG["TOR_BROWSER_UPDATE"]:
+ DEFINES["TOR_BROWSER_UPDATE"] = 1
+
JAR_MANIFESTS += ["jar.mn"]
GeneratedFile(
diff --git a/browser/installer/Makefile.in b/browser/installer/Makefile.in
index f98964d8a9eb..d55b373ff488 100644
--- a/browser/installer/Makefile.in
+++ b/browser/installer/Makefile.in
@@ -82,6 +82,14 @@ endif
endif
endif
+ifdef TOR_BROWSER_DISABLE_TOR_LAUNCHER
+DEFINES += -DTOR_BROWSER_DISABLE_TOR_LAUNCHER
+endif
+
+ifdef TOR_BROWSER_UPDATE
+DEFINES += -DTOR_BROWSER_UPDATE
+endif
+
ifneq (,$(filter WINNT Darwin Android,$(OS_TARGET)))
DEFINES += -DMOZ_SHARED_MOZGLUE=1
endif
diff --git a/browser/moz.configure b/browser/moz.configure
index 8653bcbb165d..5a0b722b915e 100644
--- a/browser/moz.configure
+++ b/browser/moz.configure
@@ -5,11 +5,11 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
imply_option("MOZ_PLACES", True)
-imply_option("MOZ_SERVICES_HEALTHREPORT", True)
+imply_option("MOZ_SERVICES_HEALTHREPORT", False)
imply_option("MOZ_SERVICES_SYNC", True)
-imply_option("MOZ_DEDICATED_PROFILES", True)
-imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", True)
-imply_option("MOZ_NORMANDY", True)
+imply_option("MOZ_DEDICATED_PROFILES", False)
+imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", False)
+imply_option("MOZ_NORMANDY", False)
with only_when(target_is_linux & compile_environment):
option(env="MOZ_NO_PIE_COMPAT", help="Enable non-PIE wrapper")
diff --git a/build/moz.configure/old.configure b/build/moz.configure/old.configure
index 35ab75df3a14..95f4200d0973 100644
--- a/build/moz.configure/old.configure
+++ b/build/moz.configure/old.configure
@@ -119,6 +119,11 @@ def old_configure_options(*options):
"--with-user-appdir",
"--x-includes",
"--x-libraries",
+ # Tor additions.
+ "--with-tor-browser-version",
+ "--enable-tor-browser-update",
+ "--enable-tor-browser-data-outside-app-dir",
+ "--enable-tor-launcher",
)
def prepare_configure_options(host, target, all_options, *options):
# old-configure only supports the options listed in @old_configure_options
diff --git a/mobile/android/confvars.sh b/mobile/android/confvars.sh
index 70e13c85b258..b2670451ed91 100644
--- a/mobile/android/confvars.sh
+++ b/mobile/android/confvars.sh
@@ -29,6 +29,15 @@ MOZ_ANDROID_BROWSER_INTENT_CLASS=org.mozilla.gecko.BrowserApp
MOZ_NO_SMART_CARDS=1
+# Adds MIME-type support for raw video
MOZ_RAW=1
MOZ_APP_ID={aa3c5121-dab2-40e2-81ca-7ea25febc110}
+
+### Tor Browser for Android ###
+
+# Disable telemetry at compile-time
+unset MOZ_TELEMETRY_REPORTING
+
+# Disable data reporting at compile-time
+unset MOZ_DATA_REPORTING
diff --git a/mobile/android/geckoview/build.gradle b/mobile/android/geckoview/build.gradle
index f60ea1730d5c..bdee206175db 100644
--- a/mobile/android/geckoview/build.gradle
+++ b/mobile/android/geckoview/build.gradle
@@ -93,6 +93,7 @@ android {
buildConfigField 'String', "MOZ_APP_DISPLAYNAME", "\"${mozconfig.substs.MOZ_APP_DISPLAYNAME}\"";
buildConfigField 'String', "MOZ_APP_UA_NAME", "\"${mozconfig.substs.MOZ_APP_UA_NAME}\"";
buildConfigField 'String', "MOZ_UPDATE_CHANNEL", "\"${mozconfig.substs.MOZ_UPDATE_CHANNEL}\"";
+ buildConfigField 'String', "TOR_BROWSER_VERSION", "\"${mozconfig.substs.TOR_BROWSER_VERSION}\"";
// MOZILLA_VERSION is oddly quoted from autoconf, but we don't have to handle it specially in Gradle.
buildConfigField 'String', "MOZILLA_VERSION", "\"${mozconfig.substs.MOZILLA_VERSION}\"";
diff --git a/mobile/android/moz.configure b/mobile/android/moz.configure
index 106f6c816814..96a014bb28e8 100644
--- a/mobile/android/moz.configure
+++ b/mobile/android/moz.configure
@@ -13,7 +13,7 @@ project_flag(
project_flag(
"MOZ_ANDROID_HLS_SUPPORT",
help="Enable HLS (HTTP Live Streaming) support (currently using the ExoPlayer library)",
- default=True,
+ default=False,
)
option(
@@ -51,7 +51,10 @@ set_config(
)
imply_option("MOZ_NORMANDY", False)
-imply_option("MOZ_SERVICES_HEALTHREPORT", True)
+# Comment this so we can imply |False| in torbrowser.configure
+# The Build system doesn't allow multiple imply_option()
+# calls with the same key.
+# imply_option("MOZ_SERVICES_HEALTHREPORT", True)
imply_option("MOZ_ANDROID_HISTORY", True)
imply_option("--enable-small-chunk-size", True)
@@ -70,6 +73,8 @@ def check_target(target):
)
+include("torbrowser.configure")
+
include("../../toolkit/moz.configure")
include("../../build/moz.configure/android-sdk.configure")
include("../../build/moz.configure/java.configure")
@@ -87,3 +92,15 @@ set_config(
"MOZ_ANDROID_FAT_AAR_ARCHITECTURES",
depends("MOZ_ANDROID_FAT_AAR_ARCHITECTURES")(lambda x: x),
)
+
+project_flag(
+ "MOZ_ANDROID_NETWORK_STATE",
+ help="Include permission for accessing WiFi/network state on Android",
+ default=False,
+)
+
+project_flag(
+ "MOZ_ANDROID_LOCATION",
+ help="Include permission for accessing fine and course-grain Location on Android",
+ default=False,
+)
diff --git a/mobile/android/torbrowser.configure b/mobile/android/torbrowser.configure
new file mode 100644
index 000000000000..bcb725cae121
--- /dev/null
+++ b/mobile/android/torbrowser.configure
@@ -0,0 +1,30 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# Set Tor Browser default config
+
+imply_option("MOZ_ANDROID_EXCLUDE_FONTS", False)
+
+# Disable uploading crash reports and dump files to an external server
+# This is still configured in old-configure. Uncomment when this moves
+# to the python config
+# imply_option("MOZ_CRASHREPORTER", False)
+
+# Disable uploading information about the browser configuration and
+# performance to an external server
+imply_option("MOZ_SERVICES_HEALTHREPORT", False)
+
+# Disable creating telemetry and data reports that are uploaded to an
+# external server
+# These aren't actually configure options. These are disabled in
+# confvars.sh, but they look like configure options so we'll document
+# them here, as well.
+# XXX: no confvars.sh here
+# imply_option("MOZ_TELEMETRY_REPORTING", False)
+# imply_option("MOZ_DATA_REPORTING", False)
+
+imply_option("MOZ_ANDROID_NETWORK_STATE", False)
+imply_option("MOZ_ANDROID_LOCATION", False)
diff --git a/old-configure.in b/old-configure.in
index bf86baaa5313..10fede751d6a 100644
--- a/old-configure.in
+++ b/old-configure.in
@@ -1881,6 +1881,55 @@ if test -n "$MOZ_UPDATER"; then
AC_DEFINE(MOZ_UPDATER)
fi
+dnl ========================================================
+dnl Tor additions
+dnl ========================================================
+MOZ_ARG_WITH_STRING(tor-browser-version,
+[ --with-tor-browser-version=VERSION
+ Set Tor Browser version, e.g., 7.0a1],
+ TOR_BROWSER_VERSION="$withval")
+
+if test -z "$TOR_BROWSER_VERSION"; then
+ AC_MSG_ERROR([--with-tor-browser-version is required for Tor Browser.])
+fi
+
+MOZ_ARG_ENABLE_BOOL(tor-browser-update,
+[ --enable-tor-browser-update
+ Enable Tor Browser update],
+ TOR_BROWSER_UPDATE=1,
+ TOR_BROWSER_UPDATE= )
+
+if test -n "$TOR_BROWSER_UPDATE"; then
+ AC_DEFINE(TOR_BROWSER_UPDATE)
+fi
+
+MOZ_ARG_ENABLE_BOOL(tor-browser-data-outside-app-dir,
+[ --enable-tor-browser-data-outside-app-dir
+ Enable Tor Browser data outside of app directory],
+ TOR_BROWSER_DATA_OUTSIDE_APP_DIR=1,
+ TOR_BROWSER_DATA_OUTSIDE_APP_DIR= )
+
+if test -n "$TOR_BROWSER_DATA_OUTSIDE_APP_DIR"; then
+ AC_DEFINE(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+fi
+
+AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION,$TOR_BROWSER_VERSION)
+AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION_QUOTED,"$TOR_BROWSER_VERSION")
+AC_SUBST(TOR_BROWSER_UPDATE)
+AC_SUBST(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+
+MOZ_ARG_DISABLE_BOOL(tor-launcher,
+[ --disable-tor-launcher
+ Do not include Tor Launcher],
+ TOR_BROWSER_DISABLE_TOR_LAUNCHER=1,
+ TOR_BROWSER_DISABLE_TOR_LAUNCHER=)
+
+if test -n "$TOR_BROWSER_DISABLE_TOR_LAUNCHER"; then
+ AC_DEFINE(TOR_BROWSER_DISABLE_TOR_LAUNCHER)
+fi
+
+AC_SUBST(TOR_BROWSER_DISABLE_TOR_LAUNCHER)
+
dnl ========================================================
dnl parental controls (for Windows Vista)
dnl ========================================================
diff --git a/security/moz.build b/security/moz.build
index 18e50f9dcc37..8d0427525487 100644
--- a/security/moz.build
+++ b/security/moz.build
@@ -85,7 +85,7 @@ gyp_vars["nss_dist_obj_dir"] = "$PRODUCT_DIR/dist/bin"
gyp_vars["disable_tests"] = 1
gyp_vars["disable_dbm"] = 1
gyp_vars["disable_libpkix"] = 1
-gyp_vars["enable_sslkeylogfile"] = 1
+gyp_vars["enable_sslkeylogfile"] = 0
# pkg-config won't reliably find zlib on our builders, so just force it.
# System zlib is only used for modutil and signtool unless
# SSL zlib is enabled, which we are disabling immediately below this.
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
index 8a8b06f4b508..90571bb3e256 100644
--- a/security/nss/lib/ssl/Makefile
+++ b/security/nss/lib/ssl/Makefile
@@ -41,7 +41,7 @@ endif
# Enable key logging by default in debug builds, but not opt builds.
# Logging still needs to be enabled at runtime through env vars.
-NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
+NSS_ALLOW_SSLKEYLOGFILE ?= 0
ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1
endif
diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm
index 9b3acf6ecc30..ea10dc97535d 100644
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -354,6 +354,14 @@ this.AppConstants = Object.freeze({
MOZ_WIDGET_TOOLKIT: "@MOZ_WIDGET_TOOLKIT@",
ANDROID_PACKAGE_NAME: "@ANDROID_PACKAGE_NAME@",
+ TOR_BROWSER_VERSION: "@TOR_BROWSER_VERSION@",
+ TOR_BROWSER_DATA_OUTSIDE_APP_DIR:
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ true,
+#else
+ false,
+#endif
+
DEBUG_JS_MODULES: "@DEBUG_JS_MODULES@",
MOZ_BING_API_CLIENTID: "@MOZ_BING_API_CLIENTID@",
@@ -431,4 +439,11 @@ this.AppConstants = Object.freeze({
#else
false,
#endif
+
+ TOR_BROWSER_UPDATE:
+#ifdef TOR_BROWSER_UPDATE
+ true,
+#else
+ false,
+#endif
});
diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build
index 8ac56c81e646..c6b2c421f447 100644
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -301,6 +301,9 @@ for var in (
if CONFIG[var]:
DEFINES[var] = True
+if CONFIG["TOR_BROWSER_UPDATE"]:
+ DEFINES["TOR_BROWSER_UPDATE"] = 1
+
JAR_MANIFESTS += ["jar.mn"]
DEFINES["TOPOBJDIR"] = TOPOBJDIR
1
0
[tor-browser/tor-browser-91.3.0esr-11.0-1] Bug 1732360 - Add headers needed by MOZ_BUNDLED_FONTS. r?jfkthame
by sysrqb@torproject.org 03 Nov '21
by sysrqb@torproject.org 03 Nov '21
03 Nov '21
commit 1a182f4df6dac29df9f334c1e45128d4010a40d4
Author: Matthew Finkel <sysrqb(a)torproject.org>
Date: Sun Sep 12 14:44:33 2021 +0000
Bug 1732360 - Add headers needed by MOZ_BUNDLED_FONTS. r?jfkthame
Differential Revision: https://phabricator.services.mozilla.com/D126817
---
gfx/thebes/gfxPlatformMac.cpp | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/gfx/thebes/gfxPlatformMac.cpp b/gfx/thebes/gfxPlatformMac.cpp
index 56a8271b8279..56ac6bef9652 100644
--- a/gfx/thebes/gfxPlatformMac.cpp
+++ b/gfx/thebes/gfxPlatformMac.cpp
@@ -29,6 +29,11 @@
#include "GeckoProfiler.h"
#include "nsThreadUtils.h"
+#ifdef MOZ_BUNDLED_FONTS
+# include "mozilla/Telemetry.h"
+# include "nsDirectoryServiceDefs.h"
+#endif
+
#include <dlfcn.h>
#include <CoreVideo/CoreVideo.h>
1
0