December 2021 - tor-commits - lists.torproject.org

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 24796 - Comment out excess permissions from GeckoView
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit 6b5584c3cdaf4514f91f55331228f7d7aeb34e48 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Wed Apr 11 17:52:59 2018 +0000 Bug 24796 - Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. --- .../android/geckoview/src/main/AndroidManifest.xml | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/mobile/android/geckoview/src/main/AndroidManifest.xml b/mobile/android/geckoview/src/main/AndroidManifest.xml index a76b6a4754b6..7a2f30708fc3 100644 --- a/mobile/android/geckoview/src/main/AndroidManifest.xml +++ b/mobile/android/geckoview/src/main/AndroidManifest.xml @@ -6,20 +6,32 @@ <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="org.mozilla.geckoview"> + +  + <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.WAKE_LOCK"/> <uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" /> + +  + <uses-feature android:name="android.hardware.touchscreen" android:required="false"/> + +  +  +  <uses-feature

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 21952: Implement Onion-Location
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit 581a52cdf10c8822d6bd01202ee10e51d240845c Author: Alex Catarineu <acat(a)torproject.org> Date: Thu Mar 5 22:16:39 2020 +0100 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. --- browser/base/content/browser.js | 12 ++ browser/base/content/navigator-toolbox.inc.xhtml | 3 + browser/components/BrowserGlue.jsm | 13 ++ .../onionservices/OnionLocationChild.jsm | 39 +++++ .../onionservices/OnionLocationParent.jsm | 168 +++++++++++++++++++++ .../content/onionlocation-notification-icons.css | 5 + .../onionservices/content/onionlocation-urlbar.css | 60 ++++++++ .../content/onionlocation-urlbar.inc.xhtml | 10 ++ .../onionservices/content/onionlocation.svg | 3 + .../content/onionlocationPreferences.inc.xhtml | 11 ++ .../content/onionlocationPreferences.js | 31 ++++ browser/components/onionservices/jar.mn | 2 + browser/components/onionservices/moz.build | 2 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 17 +++ browser/themes/shared/notification-icons.inc.css | 2 + browser/themes/shared/urlbar-searchbar.inc.css | 2 + dom/base/Document.cpp | 34 ++++- dom/base/Document.h | 2 + dom/webidl/Document.webidl | 8 + modules/libpref/init/StaticPrefList.yaml | 5 + xpcom/ds/StaticAtoms.py | 1 + 22 files changed, 431 insertions(+), 1 deletion(-) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index b934e112eb23..090de22cb294 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -49,6 +49,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { NetUtil: "resource://gre/modules/NetUtil.jsm", NewTabUtils: "resource://gre/modules/NewTabUtils.jsm", OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm", + OnionLocationParent: "resource:///modules/OnionLocationParent.jsm", PageActions: "resource:///modules/PageActions.jsm", PageThumbs: "resource://gre/modules/PageThumbs.jsm", PanelMultiView: "resource:///modules/PanelMultiView.jsm", @@ -5304,6 +5305,7 @@ var XULBrowserWindow = { CFRPageActions.updatePageActions(gBrowser.selectedBrowser); AboutReaderParent.updateReaderButton(gBrowser.selectedBrowser); + OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser); if (!gMultiProcessBrowser) { // Bug 1108553 - Cannot rotate images with e10s @@ -5794,6 +5796,16 @@ var CombinedStopReload = { var TabsProgressListener = { onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) { + // Clear OnionLocation UI + if ( + aStateFlags & Ci.nsIWebProgressListener.STATE_START && + aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK && + aRequest && + aWebProgress.isTopLevel + ) { + OnionLocationParent.onStateChange(aBrowser); + } + // Collect telemetry data about tab load times. if ( aWebProgress.isTopLevel && diff --git a/browser/base/content/navigator-toolbox.inc.xhtml b/browser/base/content/navigator-toolbox.inc.xhtml index 7a2715e9e604..1aad36ab3bfc 100644 --- a/browser/base/content/navigator-toolbox.inc.xhtml +++ b/browser/base/content/navigator-toolbox.inc.xhtml @@ -358,6 +358,9 @@ onclick="FullZoom.reset(); FullZoom.resetScalingZoom();" tooltip="dynamic-shortcut-tooltip" hidden="true"/> + +#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml + <hbox id="pageActionButton" class="urlbar-page-action urlbar-icon-wrapper" role="button" diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 818cbb04837a..3fc7e912ff0c 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -545,6 +545,19 @@ let JSWINDOWACTORS = { allFrames: true, }, + OnionLocation: { + parent: { + moduleURI: "resource:///modules/OnionLocationParent.jsm", + }, + child: { + moduleURI: "resource:///modules/OnionLocationChild.jsm", + events: { + pageshow: { mozSystemGroup: true }, + }, + }, + messageManagerGroups: ["browsers"], + }, + PageInfo: { child: { moduleURI: "resource:///actors/PageInfoChild.jsm", diff --git a/browser/components/onionservices/OnionLocationChild.jsm b/browser/components/onionservices/OnionLocationChild.jsm new file mode 100644 index 000000000000..9e00054ac56c --- /dev/null +++ b/browser/components/onionservices/OnionLocationChild.jsm @@ -0,0 +1,39 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +var EXPORTED_SYMBOLS = ["OnionLocationChild"]; + +class OnionLocationChild extends JSWindowActorChild { + handleEvent(event) { + this.onPageShow(event); + } + + onPageShow(event) { + if (event.target != this.document) { + return; + } + const onionLocationURI = this.document.onionLocationURI; + if (onionLocationURI) { + this.sendAsyncMessage("OnionLocation:Set"); + } + } + + receiveMessage(aMessage) { + if (aMessage.name == "OnionLocation:Refresh") { + const doc = this.document; + const docShell = this.docShell; + const onionLocationURI = doc.onionLocationURI; + const refreshURI = docShell.QueryInterface(Ci.nsIRefreshURI); + if (onionLocationURI && refreshURI) { + refreshURI.refreshURI( + onionLocationURI, + doc.nodePrincipal, + 0, + false, + true + ); + } + } + } +} diff --git a/browser/components/onionservices/OnionLocationParent.jsm b/browser/components/onionservices/OnionLocationParent.jsm new file mode 100644 index 000000000000..f6250e554862 --- /dev/null +++ b/browser/components/onionservices/OnionLocationParent.jsm @@ -0,0 +1,168 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +var EXPORTED_SYMBOLS = ["OnionLocationParent"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); + +// Prefs +const NOTIFICATION_PREF = "privacy.prioritizeonions.showNotification"; +const PRIORITIZE_ONIONS_PREF = "privacy.prioritizeonions.enabled"; + +// Element IDs +const ONIONLOCATION_BOX_ID = "onion-location-box"; +const ONIONLOCATION_BUTTON_ID = "onion-location-button"; +const ONIONLOCATION_LABEL_ID = "onion-label"; + +// Notification IDs +const NOTIFICATION_ID = "onion-location"; +const NOTIFICATION_ANCHOR_ID = "onionlocation"; + +// Strings +const STRING_ONION_AVAILABLE = TorStrings.onionLocation.onionAvailable; +const NOTIFICATION_CANCEL_LABEL = TorStrings.onionLocation.notNow; +const NOTIFICATION_CANCEL_ACCESSKEY = TorStrings.onionLocation.notNowAccessKey; +const NOTIFICATION_OK_LABEL = TorStrings.onionLocation.alwaysPrioritize; +const NOTIFICATION_OK_ACCESSKEY = + TorStrings.onionLocation.alwaysPrioritizeAccessKey; +const NOTIFICATION_TITLE = TorStrings.onionLocation.tryThis; +const NOTIFICATION_DESCRIPTION = TorStrings.onionLocation.description; +const NOTIFICATION_LEARN_MORE_URL = TorStrings.onionLocation.learnMoreURL; + +class OnionLocationParent extends JSWindowActorParent { + // Listeners are added in BrowserGlue.jsm + receiveMessage(aMsg) { + switch (aMsg.name) { + case "OnionLocation:Set": + let browser = this.browsingContext.embedderElement; + OnionLocationParent.setOnionLocation(browser); + break; + } + } + + static buttonClick(event) { + if (event.button !== 0) { + return; + } + const win = event.target.ownerGlobal; + if (win.gBrowser) { + const browser = win.gBrowser.selectedBrowser; + OnionLocationParent.redirect(browser); + } + } + + static redirect(browser) { + let windowGlobal = browser.browsingContext.currentWindowGlobal; + let actor = windowGlobal.getActor("OnionLocation"); + if (actor) { + actor.sendAsyncMessage("OnionLocation:Refresh", {}); + OnionLocationParent.setDisabled(browser); + } + } + + static onStateChange(browser) { + delete browser._onionLocation; + OnionLocationParent.hideNotification(browser); + } + + static setOnionLocation(browser) { + browser._onionLocation = true; + let tabBrowser = browser.getTabBrowser(); + if (tabBrowser && browser === tabBrowser.selectedBrowser) { + OnionLocationParent.updateOnionLocationBadge(browser); + } + } + + static hideNotification(browser) { + const win = browser.ownerGlobal; + if (browser._onionLocationPrompt) { + win.PopupNotifications.remove(browser._onionLocationPrompt); + } + } + + static showNotification(browser) { + const mustShow = Services.prefs.getBoolPref(NOTIFICATION_PREF, true); + if (!mustShow) { + return; + } + + const win = browser.ownerGlobal; + Services.prefs.setBoolPref(NOTIFICATION_PREF, false); + + const mainAction = { + label: NOTIFICATION_OK_LABEL, + accessKey: NOTIFICATION_OK_ACCESSKEY, + callback() { + Services.prefs.setBoolPref(PRIORITIZE_ONIONS_PREF, true); + OnionLocationParent.redirect(browser); + win.openPreferences("privacy-onionservices"); + }, + }; + + const cancelAction = { + label: NOTIFICATION_CANCEL_LABEL, + accessKey: NOTIFICATION_CANCEL_ACCESSKEY, + callback: () => {}, + }; + + const options = { + autofocus: true, + persistent: true, + removeOnDismissal: false, + eventCallback(aTopic) { + if (aTopic === "removed") { + delete browser._onionLocationPrompt; + delete browser.onionpopupnotificationanchor; + } + }, + learnMoreURL: NOTIFICATION_LEARN_MORE_URL, + displayURI: { + hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have a title without extra markup/css. + }, + hideClose: true, + popupIconClass: "onionlocation-notification-icon", + }; + + // A hacky way of setting the popup anchor outside the usual url bar icon box + // onionlocationpopupnotificationanchor comes from `${ANCHOR_ID}popupnotificationanchor` + // From https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c4… + browser.onionlocationpopupnotificationanchor = win.document.getElementById( + ONIONLOCATION_BUTTON_ID + ); + + browser._onionLocationPrompt = win.PopupNotifications.show( + browser, + NOTIFICATION_ID, + NOTIFICATION_DESCRIPTION, + NOTIFICATION_ANCHOR_ID, + mainAction, + [cancelAction], + options + ); + } + + static setEnabled(browser) { + const win = browser.ownerGlobal; + const label = win.document.getElementById(ONIONLOCATION_LABEL_ID); + label.textContent = STRING_ONION_AVAILABLE; + const elem = win.document.getElementById(ONIONLOCATION_BOX_ID); + elem.removeAttribute("hidden"); + } + + static setDisabled(browser) { + const win = browser.ownerGlobal; + const elem = win.document.getElementById(ONIONLOCATION_BOX_ID); + elem.setAttribute("hidden", true); + } + + static updateOnionLocationBadge(browser) { + if (browser._onionLocation) { + OnionLocationParent.setEnabled(browser); + OnionLocationParent.showNotification(browser); + } else { + OnionLocationParent.setDisabled(browser); + } + } +} diff --git a/browser/components/onionservices/content/onionlocation-notification-icons.css b/browser/components/onionservices/content/onionlocation-notification-icons.css new file mode 100644 index 000000000000..7c8a6d892c6f --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-notification-icons.css @@ -0,0 +1,5 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ + +.onionlocation-notification-icon { + display: none; +} \ No newline at end of file diff --git a/browser/components/onionservices/content/onionlocation-urlbar.css b/browser/components/onionservices/content/onionlocation-urlbar.css new file mode 100644 index 000000000000..7b7051ace675 --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-urlbar.css @@ -0,0 +1,60 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ + +#onion-location-box { + height: 28px; + + background-color: var(--purple-60); + -moz-context-properties: fill; + fill: white; +} + +#onion-location-box:hover { + background-color: var(--purple-70); +} + +#onion-location-box:active { + background-color: var(--purple-80); +} + +@media (prefers-color-scheme: dark) { + #onion-location-box { + background-color: var(--purple-50); + } + + #onion-location-box:hover { + background-color: var(--purple-60); + } + + #onion-location-box:active { + background-color: var(--purple-70); + } +} + +#onion-location-button { + list-style-image: url(chrome://browser/content/onionservices/onionlocation.svg); + padding-inline-start: 0.5em; +} + +label#onion-label { + line-height: 28px; + margin: 0; + padding-block: 0; + padding-inline: 0.5em; + color: white; + font-weight: bold; +} + +/* set appropriate sizes for the non-standard ui densities */ +:root[uidensity=compact] hbox.urlbar-page-action#onion-location-box { + height: 24px; +} +:root[uidensity=compact] label#onion-label { + line-height: 24px; +} + +:root[uidensity=touch] hbox.urlbar-page-action#onion-location-box { + height: 30px; +} +:root[uidensity=touch] label#onion-label { + line-height: 30px; +} diff --git a/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml b/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml new file mode 100644 index 000000000000..b612a4236f3c --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml @@ -0,0 +1,10 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<hbox id="onion-location-box" + class="urlbar-icon-wrapper urlbar-page-action" + role="button" + hidden="true" + onclick="OnionLocationParent.buttonClick(event);"> + <image id="onion-location-button" role="presentation"/> + <hbox id="onion-label-container"><label id="onion-label"/></hbox> +</hbox> diff --git a/browser/components/onionservices/content/onionlocation.svg b/browser/components/onionservices/content/onionlocation.svg new file mode 100644 index 000000000000..37f40ac1812f --- /dev/null +++ b/browser/components/onionservices/content/onionlocation.svg @@ -0,0 +1,3 @@ +<svg width="16" height="16" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <path fill="context-fill" fill-opacity="context-fill-opacity" d="m8.016411 14.54499v-0.969784c3.071908-0.0089 5.559239-2.501304 5.559239-5.575429 0-3.073903-2.487331-5.566336-5.559239-5.575206v-0.9697843c3.607473 0.00909 6.528802 2.935521 6.528802 6.544991 0 3.609691-2.921329 6.536342-6.528802 6.545213zm0-3.394356c1.732661-0.0091 3.135111-1.415756 3.135111-3.150857 0-1.734878-1.402451-3.141542-3.135111-3.150634v-0.9695626c2.268448 0.00887 4.104895 1.849753 4.104895 4.120197 0 2.270666-1.836447 4.111549-4.104895 4.120419zm0-4.846926c0.9294227 0.00887 1.680545 0.7644289 1.680545 1.696069 0 0.9318627-0.7511226 1.687421-1.680545 1.696291zm-8.016411 1.696069c0 4.418473 3.581527 8.000222 8 8.000222 4.418251 0 8-3.581749 8-8.000222 0-4.418251-3.581749-7.999778-8-7.999778-4.418473 0-8 3.581527-8 7.999778z" /> +</svg> \ No newline at end of file diff --git a/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml b/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml new file mode 100644 index 000000000000..c285f403f99b --- /dev/null +++ b/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml @@ -0,0 +1,11 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<groupbox id="onionServicesGroup" data-category="panePrivacy" data-subcategory="onionservices" hidden="true"> + <label><html:h2 id="onionServicesTitle"></html:h2></label> + <label><label class="tail-with-learn-more" id="prioritizeOnionsDesc"></label><label + class="learnMore" is="text-link" id="onionServicesLearnMore"></label></label> + <radiogroup id="prioritizeOnionsRadioGroup" aria-labelledby="prioritizeOnionsDesc" preference="privacy.prioritizeonions.enabled"> + <radio id="onionServicesRadioAlways" value="true"/> + <radio id="onionServicesRadioAsk" value="false"/> + </radiogroup> +</groupbox> diff --git a/browser/components/onionservices/content/onionlocationPreferences.js b/browser/components/onionservices/content/onionlocationPreferences.js new file mode 100644 index 000000000000..aa569b54721c --- /dev/null +++ b/browser/components/onionservices/content/onionlocationPreferences.js @@ -0,0 +1,31 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +ChromeUtils.defineModuleGetter( + this, + "TorStrings", + "resource:///modules/TorStrings.jsm" +); + +const OnionLocationPreferences = { + init() { + document.getElementById("onionServicesTitle").textContent = + TorStrings.onionLocation.onionServicesTitle; + document.getElementById("prioritizeOnionsDesc").textContent = + TorStrings.onionLocation.prioritizeOnionsDescription; + const learnMore = document.getElementById("onionServicesLearnMore"); + learnMore.textContent = TorStrings.onionLocation.learnMore; + learnMore.href = TorStrings.onionLocation.learnMoreURL; + document.getElementById("onionServicesRadioAlways").label = + TorStrings.onionLocation.always; + document.getElementById("onionServicesRadioAsk").label = + TorStrings.onionLocation.askEverytime; + }, +}; + +Object.defineProperty(this, "OnionLocationPreferences", { + value: OnionLocationPreferences, + enumerable: true, + writable: false, +}); diff --git a/browser/components/onionservices/jar.mn b/browser/components/onionservices/jar.mn index 9d6ce88d1841..f45b16dc5d29 100644 --- a/browser/components/onionservices/jar.mn +++ b/browser/components/onionservices/jar.mn @@ -7,3 +7,5 @@ browser.jar: content/browser/onionservices/onionservices.css (content/onionservices.css) content/browser/onionservices/savedKeysDialog.js (content/savedKeysDialog.js) content/browser/onionservices/savedKeysDialog.xhtml (content/savedKeysDialog.xhtml) + content/browser/onionservices/onionlocationPreferences.js (content/onionlocationPreferences.js) + content/browser/onionservices/onionlocation.svg (content/onionlocation.svg) diff --git a/browser/components/onionservices/moz.build b/browser/components/onionservices/moz.build index 815685322024..8027233d65a6 100644 --- a/browser/components/onionservices/moz.build +++ b/browser/components/onionservices/moz.build @@ -4,4 +4,6 @@ EXTRA_JS_MODULES += [ "ExtensionMessaging.jsm", "HttpsEverywhereControl.jsm", "OnionAliasStore.jsm", + "OnionLocationChild.jsm", + "OnionLocationParent.jsm", ] diff --git a/browser/components/preferences/privacy.inc.xhtml b/browser/components/preferences/privacy.inc.xhtml index 7d3bc3a663ed..eb1cedfdd4c9 100644 --- a/browser/components/preferences/privacy.inc.xhtml +++ b/browser/components/preferences/privacy.inc.xhtml @@ -14,6 +14,8 @@ <html:h1 data-l10n-id="privacy-header"/> </hbox> +#include ../onionservices/content/onionlocationPreferences.inc.xhtml +  <groupbox id="trackingGroup" data-category="panePrivacy" hidden="true" aria-describedby="contentBlockingDescription"> <label id="contentBlockingHeader"><html:h2 data-l10n-id="content-blocking-enhanced-tracking-protection"/></label> diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js index 932d4291e486..1985b5489fc1 100644 --- a/browser/components/preferences/privacy.js +++ b/browser/components/preferences/privacy.js @@ -93,6 +93,12 @@ XPCOMUtils.defineLazyScriptGetter( "chrome://browser/content/securitylevel/securityLevel.js" ); +XPCOMUtils.defineLazyScriptGetter( + this, + ["OnionLocationPreferences"], + "chrome://browser/content/onionservices/onionlocationPreferences.js" +); + XPCOMUtils.defineLazyServiceGetter( this, "listManager", @@ -169,6 +175,9 @@ Preferences.addAll([ // Do not track { id: "privacy.donottrackheader.enabled", type: "bool" }, + // Onion Location + { id: "privacy.prioritizeonions.enabled", type: "bool" }, + // Media { id: "media.autoplay.default", type: "int" }, @@ -333,6 +342,13 @@ var gPrivacyPane = { window.addEventListener("unload", unload); }, + /** + * Show the OnionLocation preferences UI + */ + _initOnionLocation() { + OnionLocationPreferences.init(); + }, + /** * Whether the prompt to restart Firefox should appear when changing the autostart pref. */ @@ -530,6 +546,7 @@ var gPrivacyPane = { this._initTrackingProtectionExtensionControl(); OnionServicesAuthPreferences.init(); this._initSecurityLevel(); + this._initOnionLocation(); Services.telemetry.setEventRecordingEnabled("pwmgr", true); diff --git a/browser/themes/shared/notification-icons.inc.css b/browser/themes/shared/notification-icons.inc.css index 67dd640baf16..83248f71c60d 100644 --- a/browser/themes/shared/notification-icons.inc.css +++ b/browser/themes/shared/notification-icons.inc.css @@ -449,3 +449,5 @@ -moz-context-properties: fill; fill: var(--panel-banner-item-warning-icon-bgcolor); } + +%include ../../components/onionservices/content/onionlocation-notification-icons.css diff --git a/browser/themes/shared/urlbar-searchbar.inc.css b/browser/themes/shared/urlbar-searchbar.inc.css index 82675dae2041..0158597991ec 100644 --- a/browser/themes/shared/urlbar-searchbar.inc.css +++ b/browser/themes/shared/urlbar-searchbar.inc.css @@ -745,3 +745,5 @@ moz-input-box > menupopup .context-menu-add-engine > .menu-iconic-left::after { .searchbar-textbox::placeholder { opacity: 0.69; } + +%include ../../components/onionservices/content/onionlocation-urlbar.css diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp index a58e76cb5258..b00399e2eccb 100644 --- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -2779,6 +2779,7 @@ void Document::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, // mDocumentURI. mDocumentBaseURI = nullptr; mChromeXHRDocBaseURI = nullptr; + mOnionLocationURI = nullptr; // Check if the current document is the top-level DevTools document. // For inner DevTools frames, mIsDevToolsDocument will be set when @@ -6486,6 +6487,22 @@ void Document::GetHeaderData(nsAtom* aHeaderField, nsAString& aData) const { } } +static bool IsValidOnionLocation(nsIURI* aDocumentURI, + nsIURI* aOnionLocationURI) { + bool isHttpish; + nsAutoCString host; + return aDocumentURI && aOnionLocationURI && + NS_SUCCEEDED(aDocumentURI->SchemeIs("https", &isHttpish)) && + isHttpish && NS_SUCCEEDED(aDocumentURI->GetAsciiHost(host)) && + !StringEndsWith(host, ".onion"_ns) && + ((NS_SUCCEEDED(aOnionLocationURI->SchemeIs("http", &isHttpish)) && + isHttpish) || + (NS_SUCCEEDED(aOnionLocationURI->SchemeIs("https", &isHttpish)) && + isHttpish)) && + NS_SUCCEEDED(aOnionLocationURI->GetAsciiHost(host)) && + StringEndsWith(host, ".onion"_ns); +} + void Document::SetHeaderData(nsAtom* aHeaderField, const nsAString& aData) { if (!aHeaderField) { NS_ERROR("null headerField"); @@ -6560,6 +6577,21 @@ void Document::SetHeaderData(nsAtom* aHeaderField, const nsAString& aData) { aHeaderField == nsGkAtoms::handheldFriendly) { mViewportType = Unknown; } + + if (aHeaderField == nsGkAtoms::headerOnionLocation && !aData.IsEmpty()) { + nsCOMPtr<nsIURI> onionURI; + if (NS_SUCCEEDED(NS_NewURI(getter_AddRefs(onionURI), aData)) && + IsValidOnionLocation(Document::GetDocumentURI(), onionURI)) { + if (StaticPrefs::privacy_prioritizeonions_enabled()) { + nsCOMPtr<nsIRefreshURI> refresher(mDocumentContainer); + if (refresher) { + refresher->RefreshURI(onionURI, NodePrincipal(), 0, false, true); + } + } else { + mOnionLocationURI = onionURI; + } + } + } } void Document::TryChannelCharset(nsIChannel* aChannel, int32_t& aCharsetSource, @@ -10697,7 +10729,7 @@ void Document::RetrieveRelevantHeaders(nsIChannel* aChannel) { static const char* const headers[] = { "default-style", "content-style-type", "content-language", "content-disposition", "refresh", "x-dns-prefetch-control", - "x-frame-options", + "x-frame-options", "onion-location", // add more http headers if you need // XXXbz don't add content-location support without reading bug // 238654 and its dependencies/dups first. diff --git a/dom/base/Document.h b/dom/base/Document.h index 7165496397f3..c8de049526ea 100644 --- a/dom/base/Document.h +++ b/dom/base/Document.h @@ -3365,6 +3365,7 @@ class Document : public nsINode, void ReleaseCapture() const; void MozSetImageElement(const nsAString& aImageElementId, Element* aElement); nsIURI* GetDocumentURIObject() const; + nsIURI* GetOnionLocationURI() const { return mOnionLocationURI; } // Not const because all the fullscreen goop is not const const char* GetFullscreenError(CallerType); bool FullscreenEnabled(CallerType aCallerType) { @@ -4348,6 +4349,7 @@ class Document : public nsINode, nsCOMPtr<nsIURI> mChromeXHRDocURI; nsCOMPtr<nsIURI> mDocumentBaseURI; nsCOMPtr<nsIURI> mChromeXHRDocBaseURI; + nsCOMPtr<nsIURI> mOnionLocationURI; // The base domain of the document for third-party checks. nsCString mBaseDomain; diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl index a139ace11d4a..d934cf8da045 100644 --- a/dom/webidl/Document.webidl +++ b/dom/webidl/Document.webidl @@ -711,3 +711,11 @@ partial interface Document { [ChromeOnly] void setNotifyFormOrPasswordRemoved(boolean aShouldNotify); }; + +/** + * Extension to allows chrome JS to know whether the document has a valid + * Onion-Location that we could redirect to. + */ +partial interface Document { + [ChromeOnly] readonly attribute URI? onionLocationURI; +}; diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml index 26ba559b79b0..eeea2e3c41ce 100644 --- a/modules/libpref/init/StaticPrefList.yaml +++ b/modules/libpref/init/StaticPrefList.yaml @@ -10483,6 +10483,11 @@ value: "" mirror: never +- name: privacy.prioritizeonions.enabled + type: RelaxedAtomicBool + value: false + mirror: always + #--------------------------------------------------------------------------- # Prefs starting with "prompts." #--------------------------------------------------------------------------- diff --git a/xpcom/ds/StaticAtoms.py b/xpcom/ds/StaticAtoms.py index 2f5be143517b..f620f57a1213 100644 --- a/xpcom/ds/StaticAtoms.py +++ b/xpcom/ds/StaticAtoms.py @@ -821,6 +821,7 @@ STATIC_ATOMS = [ Atom("oninputsourceschange", "oninputsourceschange"), Atom("oninstall", "oninstall"), Atom("oninvalid", "oninvalid"), + Atom("headerOnionLocation", "onion-location"), Atom("onkeydown", "onkeydown"), Atom("onkeypress", "onkeypress"), Atom("onkeyup", "onkeyup"),

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40025: Remove Mozilla add-on install permissions
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit 04513c4bfac1bd336649015ffbaf89a92ce146f9 Author: Alex Catarineu <acat(a)torproject.org> Date: Mon Jul 27 18:12:55 2020 +0200 Bug 40025: Remove Mozilla add-on install permissions --- browser/app/permissions | 5 ----- 1 file changed, 5 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index b75b839e366b..d8439d49346b 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -12,11 +12,6 @@ origin uitour 1 https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ origin uitour 1 about:tor -# XPInstall -origin install 1 https://addons.mozilla.org - # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org -# addon install -origin install 1 https://fpn.firefox.com

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 32418: Allow updates to be disabled via an enterprise policy.
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit dde41cebb041afaafc57c5fa5aff1fae1e9691f0 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Thu Apr 16 17:07:09 2020 -0400 Bug 32418: Allow updates to be disabled via an enterprise policy. Restrict the Enterprise Policies mechanism to only consult a policies.json file (avoiding the Windows Registry and macOS's file system attributes). Add a few disabledByPolicy() checks to the update service to avoid extraneous (and potentially confusing) log messages when updates are disabled by policy. Sample content for distribution/policies.json: { "policies": { "DisableAppUpdate": true } } On Linux, avoid reading policies from /etc/firefox/policies/policies.json --- .../enterprisepolicies/EnterprisePoliciesParent.jsm | 14 ++++++++++++-- toolkit/components/enterprisepolicies/moz.build | 3 +++ 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm index f5de14798de1..9c702ea3fde8 100644 --- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm +++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm @@ -4,6 +4,10 @@ var EXPORTED_SYMBOLS = ["EnterprisePoliciesManager"]; +// To ensure that policies intended for Firefox or another browser will not +// be used, Tor Browser only looks for policies in ${InstallDir}/distribution +#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION + const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); @@ -13,9 +17,11 @@ const { AppConstants } = ChromeUtils.import( ); XPCOMUtils.defineLazyModuleGetters(this, { +#ifndef AVOID_SYSTEM_POLICIES WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm", macOSPoliciesParser: "resource://gre/modules/policies/macOSPoliciesParser.jsm", +#endif Policies: "resource:///modules/policies/Policies.jsm", JsonSchemaValidator: "resource://gre/modules/components-utils/JsonSchemaValidator.jsm", @@ -140,11 +146,13 @@ EnterprisePoliciesManager.prototype = { _chooseProvider() { let platformProvider = null; +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "win") { platformProvider = new WindowsGPOPoliciesProvider(); } else if (AppConstants.platform == "macosx") { platformProvider = new macOSPoliciesProvider(); } +#endif let jsonProvider = new JSONPoliciesProvider(); if (platformProvider && platformProvider.hasPolicies) { if (jsonProvider.hasPolicies) { @@ -491,7 +499,7 @@ class JSONPoliciesProvider { _getConfigurationFile() { let configFile = null; - +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "linux") { let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance( Ci.nsIFile @@ -504,7 +512,7 @@ class JSONPoliciesProvider { return systemConfigFile; } } - +#endif try { let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false); if (perUserPath) { @@ -585,6 +593,7 @@ class JSONPoliciesProvider { } } +#ifndef AVOID_SYSTEM_POLICIES class WindowsGPOPoliciesProvider { constructor() { this._policies = null; @@ -686,3 +695,4 @@ class CombinedProvider { return false; } } +#endif diff --git a/toolkit/components/enterprisepolicies/moz.build b/toolkit/components/enterprisepolicies/moz.build index 09d2046e1bd7..3f685d3fbbd6 100644 --- a/toolkit/components/enterprisepolicies/moz.build +++ b/toolkit/components/enterprisepolicies/moz.build @@ -19,6 +19,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android": EXTRA_JS_MODULES += [ "EnterprisePolicies.jsm", "EnterprisePoliciesContent.jsm", + ] + + EXTRA_PP_JS_MODULES += [ "EnterprisePoliciesParent.jsm", ]

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit 2e858dd7a5968dc4ed7fd287225871bffaf46637 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Oct 9 12:55:35 2020 +0200 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots --- browser/app/profile/000-tor-browser.js | 3 +++ browser/components/BrowserGlue.jsm | 14 ++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index a80eafff5d58..2df0140bfe74 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -335,6 +335,9 @@ pref("security.enterprise_roots.enabled", false); // Don't ping Mozilla for MitM detection, see bug 32321 pref("security.certerrors.mitm.priming.enabled", false); +// Don't automatically enable enterprise roots, see bug 40166 +pref("security.certerrors.mitm.auto_enable_enterprise_roots", false); + // Disable the language pack signing check for now on macOS, see #31942 #ifdef XP_MACOSX pref("extensions.langpacks.signatures.required", false); diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index d7acae6d8f9d..f486d234b695 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -1365,6 +1365,20 @@ BrowserGlue.prototype = { // handle any UI migration this._migrateUI(); + // Clear possibly auto enabled enterprise_roots prefs (see bug 40166) + if ( + !Services.prefs.getBoolPref( + "security.certerrors.mitm.auto_enable_enterprise_roots" + ) && + Services.prefs.getBoolPref( + "security.enterprise_roots.auto-enabled", + false + ) + ) { + Services.prefs.clearUserPref("security.enterprise_roots.enabled"); + Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled"); + } + if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) { PdfJs.checkIsDefault(this._isNewProfile); }

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit b7fec4e5bb5fc9d7840483b602a0f274ad48215b Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Sep 4 12:34:35 2020 +0200 Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop This loads HTTPS Everywhere as a builtin addon from a hardcoded resource:// URI in desktop. It also ensures that the non-builtin HTTPS Everywhere addon is always uninstalled on browser startup. The reason of making this desktop-only is that there are some issues when installing a builtin extension from geckoview side, making the extension not available on first startup. So, at least for now we handle the Fenix case separately. See #40118 for a followup for investigating these. --- browser/components/BrowserGlue.jsm | 37 ++++++++++++++++++++++ toolkit/components/extensions/Extension.jsm | 10 ++++-- .../mozapps/extensions/internal/XPIProvider.jsm | 13 ++++++++ 3 files changed, 57 insertions(+), 3 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 04b51b1c2cc1..d7acae6d8f9d 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -45,6 +45,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { DownloadsViewableInternally: "resource:///modules/DownloadsViewableInternally.jsm", E10SUtils: "resource://gre/modules/E10SUtils.jsm", + ExtensionData: "resource://gre/modules/Extension.jsm", ExtensionsUI: "resource:///modules/ExtensionsUI.jsm", FeatureGate: "resource://featuregates/FeatureGate.jsm", FxAccounts: "resource://gre/modules/FxAccounts.jsm", @@ -120,6 +121,13 @@ XPCOMUtils.defineLazyServiceGetters(this, { PushService: ["@mozilla.org/push/Service;1", "nsIPushService"], }); +XPCOMUtils.defineLazyServiceGetters(this, { + resProto: [ + "@mozilla.org/network/protocol;1?name=resource", + "nsISubstitutingProtocolHandler", + ], +}); + const PREF_PDFJS_ISDEFAULT_CACHE_STATE = "pdfjs.enabledCache.state"; /** @@ -1382,6 +1390,35 @@ BrowserGlue.prototype = { "resource://builtin-themes/alpenglow/" ); + // Install https-everywhere builtin addon if needed. + (async () => { + const HTTPS_EVERYWHERE_ID = "https-everywhere-eff(a)eff.org"; + const HTTPS_EVERYWHERE_BUILTIN_URL = + "resource://torbutton/content/extensions/https-everywhere/"; + // This does something similar as GeckoViewWebExtension.jsm: it tries + // to load the manifest to retrieve the version of the builtin and + // compares it to the currently installed one to see whether we need + // to install or not. Here we delegate that to + // AddonManager.maybeInstallBuiltinAddon. + try { + const resolvedURI = Services.io.newURI( + resProto.resolveURI(Services.io.newURI(HTTPS_EVERYWHERE_BUILTIN_URL)) + ); + const extensionData = new ExtensionData(resolvedURI); + const manifest = await extensionData.loadManifest(); + + await AddonManager.maybeInstallBuiltinAddon( + HTTPS_EVERYWHERE_ID, + manifest.version, + HTTPS_EVERYWHERE_BUILTIN_URL + ); + } catch (e) { + const log = Log.repository.getLogger("HttpsEverywhereBuiltinLoader"); + log.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter())); + log.error("Could not install https-everywhere extension", e); + } + })(); + if (AppConstants.MOZ_NORMANDY) { Normandy.init(); } diff --git a/toolkit/components/extensions/Extension.jsm b/toolkit/components/extensions/Extension.jsm index 08c5cf8a9190..783ec7c3391d 100644 --- a/toolkit/components/extensions/Extension.jsm +++ b/toolkit/components/extensions/Extension.jsm @@ -267,6 +267,7 @@ const LOGGER_ID_BASE = "addons.webextension."; const UUID_MAP_PREF = "extensions.webextensions.uuids"; const LEAVE_STORAGE_PREF = "extensions.webextensions.keepStorageOnUninstall"; const LEAVE_UUID_PREF = "extensions.webextensions.keepUuidOnUninstall"; +const PERSISTENT_EXTENSIONS = new Set(["https-everywhere-eff(a)eff.org"]); const COMMENT_REGEXP = new RegExp( String.raw` @@ -413,7 +414,8 @@ var ExtensionAddonObserver = { ); } - if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false)) { + if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id)) { // Clear browser.storage.local backends. AsyncShutdown.profileChangeTeardown.addBlocker( `Clear Extension Storage ${addon.id} (File Backend)`, @@ -461,7 +463,8 @@ var ExtensionAddonObserver = { ExtensionPermissions.removeAll(addon.id); - if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false)) { + if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id)) { // Clear the entry in the UUID map UUIDMap.remove(addon.id); } @@ -2696,7 +2699,8 @@ class Extension extends ExtensionData { ); } else if ( this.startupReason === "ADDON_INSTALL" && - !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) + !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) && + !PERSISTENT_EXTENSIONS.has(this.id) ) { // If the extension has been just installed, set it as migrated, // because there will not be any data to migrate. diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index ba562c92948d..dea49a8e9f79 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1501,6 +1501,19 @@ var XPIStates = { continue; } + // Uninstall HTTPS Everywhere if it is installed in the user profile. + if ( + id === "https-everywhere-eff(a)eff.org" && + loc.name === KEY_APP_PROFILE + ) { + logger.debug( + "Uninstalling the HTTPS Everywhere extension from user profile." + ); + loc.installer.uninstallAddon(id); + changed = true; + continue; + } + let xpiState = loc.get(id); if (!xpiState) { // If the location is not supported for sideloading, skip new

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 30605: Honor privacy.spoof_english in Android
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit 586c43d01e9896dacb3dd18a158f08733bc95001 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Oct 16 10:45:17 2020 +0200 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. --- mobile/android/components/geckoview/GeckoViewStartup.jsm | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mobile/android/components/geckoview/GeckoViewStartup.jsm b/mobile/android/components/geckoview/GeckoViewStartup.jsm index 055c3da638e1..2bf394f2cb3b 100644 --- a/mobile/android/components/geckoview/GeckoViewStartup.jsm +++ b/mobile/android/components/geckoview/GeckoViewStartup.jsm @@ -17,6 +17,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { EventDispatcher: "resource://gre/modules/Messaging.jsm", Preferences: "resource://gre/modules/Preferences.jsm", Services: "resource://gre/modules/Services.jsm", + RFPHelper: "resource://gre/modules/RFPHelper.jsm", }); const { debug, warn } = GeckoViewUtils.initLogging("Startup"); @@ -255,6 +256,10 @@ class GeckoViewStartup { if (aData.requestedLocales) { Services.locale.requestedLocales = aData.requestedLocales; } + RFPHelper._handleSpoofEnglishChanged(); + if (Services.prefs.getIntPref("privacy.spoof_english", 0) === 2) { + break; + } const pls = Cc["@mozilla.org/pref-localizedstring;1"].createInstance( Ci.nsIPrefLocalizedString );

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40198: Expose privacy.spoof_english pref in GeckoView
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit 9c554b98ec1064c129b6dd9bcf379d006e44e046 Author: Alex Catarineu <acat(a)torproject.org> Date: Sun Oct 18 17:06:04 2020 +0200 Bug 40198: Expose privacy.spoof_english pref in GeckoView --- mobile/android/geckoview/api.txt | 3 ++ .../mozilla/geckoview/GeckoRuntimeSettings.java | 33 ++++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt index f9f0c9d14a8a..3335aaffb1fb 100644 --- a/mobile/android/geckoview/api.txt +++ b/mobile/android/geckoview/api.txt @@ -737,6 +737,7 @@ package org.mozilla.geckoview { method public boolean getRemoteDebuggingEnabled(); method @Nullable public GeckoRuntime getRuntime(); method @Nullable public Rect getScreenSizeOverride(); + method public boolean getSpoofEnglish(); method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate(); method public int getTorSecurityLevel(); method public boolean getUseMaxScreenDepth(); @@ -759,6 +760,7 @@ package org.mozilla.geckoview { method @NonNull public GeckoRuntimeSettings setLoginAutofillEnabled(boolean); method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int); method @NonNull public GeckoRuntimeSettings setRemoteDebuggingEnabled(boolean); + method @NonNull public GeckoRuntimeSettings setSpoofEnglish(boolean); method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int); method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean); method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean); @@ -799,6 +801,7 @@ package org.mozilla.geckoview { method @NonNull public GeckoRuntimeSettings.Builder preferredColorScheme(int); method @NonNull public GeckoRuntimeSettings.Builder remoteDebuggingEnabled(boolean); method @NonNull public GeckoRuntimeSettings.Builder screenSizeOverride(int, int); + method @NonNull public GeckoRuntimeSettings.Builder spoofEnglish(boolean); method @NonNull public GeckoRuntimeSettings.Builder telemetryDelegate(@NonNull RuntimeTelemetry.Delegate); method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int); method @NonNull public GeckoRuntimeSettings.Builder useMaxScreenDepth(boolean); diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java index d88e296d554a..5b54447cb6e6 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java @@ -483,6 +483,17 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { getSettings().mTorSecurityLevel.set(level); return this; } + + /** + * Sets whether we should spoof locale to English for webpages. + * + * @param flag True if we should spoof locale to English for webpages, false otherwise. + * @return This Builder instance. + */ + public @NonNull Builder spoofEnglish(final boolean flag) { + getSettings().mSpoofEnglish.set(flag ? 2 : 1); + return this; + } } private GeckoRuntime mRuntime; @@ -541,6 +552,8 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { "dom.ipc.processCount", 2); /* package */ final Pref<Integer> mTorSecurityLevel = new Pref<>( "extensions.torbutton.security_slider", 4); + /* package */ final Pref<Integer> mSpoofEnglish = new Pref<>( + "privacy.spoof_english", 0); /* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM; @@ -1319,6 +1332,26 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + /** + * Get whether we should spoof locale to English for webpages. + * + * @return Whether we should spoof locale to English for webpages. + */ + public boolean getSpoofEnglish() { + return mSpoofEnglish.get() == 2; + } + + /** + * Set whether we should spoof locale to English for webpages. + * + * @param flag A flag determining whether we should locale to English for webpages. + * @return This GeckoRuntimeSettings instance. + */ + public @NonNull GeckoRuntimeSettings setSpoofEnglish(final boolean flag) { + mSpoofEnglish.commit(flag ? 2 : 1); + return this; + } + @Override // Parcelable public void writeToParcel(final Parcel out, final int flags) { super.writeToParcel(out, flags);

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit eaa58a17f5eb72c2c3b3d53bd2dad3a514c7dacf Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Jul 14 11:15:07 2020 -0400 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. --- browser/components/aboutlogins/AboutLoginsParent.jsm | 2 ++ browser/components/aboutlogins/content/aboutLogins.css | 8 +++++++- browser/components/aboutlogins/content/aboutLogins.js | 6 ++++++ .../aboutlogins/content/components/fxaccounts-button.css | 5 +++++ .../components/aboutlogins/content/components/menu-button.css | 10 ++++++++++ 5 files changed, 30 insertions(+), 1 deletion(-) diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm b/browser/components/aboutlogins/AboutLoginsParent.jsm index db0b55d26abc..39fd2356ce99 100644 --- a/browser/components/aboutlogins/AboutLoginsParent.jsm +++ b/browser/components/aboutlogins/AboutLoginsParent.jsm @@ -61,6 +61,7 @@ XPCOMUtils.defineLazyGetter(this, "AboutLoginsL10n", () => { const ABOUT_LOGINS_ORIGIN = "about:logins"; const MASTER_PASSWORD_NOTIFICATION_ID = "master-password-login-required"; +const NOCERTDB_PREF = "security.nocertdb"; // about:logins will always use the privileged content process, // even if it is disabled for other consumers such as about:newtab. @@ -273,6 +274,7 @@ class AboutLoginsParent extends JSWindowActorParent { importVisible: Services.policies.isAllowed("profileImport") && AppConstants.platform != "linux", + canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false), }); await AboutLogins._sendAllLoginRelatedObjects( diff --git a/browser/components/aboutlogins/content/aboutLogins.css b/browser/components/aboutlogins/content/aboutLogins.css index e3528ca49b84..eaa224178487 100644 --- a/browser/components/aboutlogins/content/aboutLogins.css +++ b/browser/components/aboutlogins/content/aboutLogins.css @@ -69,6 +69,11 @@ login-item { grid-area: login; } +/* Do not promote Mozilla Sync in Tor Browser. */ +login-intro { + display: none !important; +} + #branding-logo { flex-basis: var(--sidebar-width); flex-shrink: 0; @@ -83,7 +88,8 @@ login-item { } } -:root:not(.official-branding) #branding-logo { +/* Hide "Firefox LockWise" branding in Tor Browser. */ +#branding-logo { visibility: hidden; } diff --git a/browser/components/aboutlogins/content/aboutLogins.js b/browser/components/aboutlogins/content/aboutLogins.js index 494ef5c7a15b..27ff0295f2f6 100644 --- a/browser/components/aboutlogins/content/aboutLogins.js +++ b/browser/components/aboutlogins/content/aboutLogins.js @@ -22,6 +22,9 @@ const gElements = { ".menuitem-remove-all-logins" ); }, + get createNewLoginButton() { + return this.loginList.shadowRoot.querySelector(".create-login-button"); + }, }; let numberOfLogins = 0; @@ -128,6 +131,9 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); + if (!event.detail.value.canCreateLogins) { + gElements.createNewLoginButton.disabled = true; + } break; } case "ShowLoginItemError": { diff --git a/browser/components/aboutlogins/content/components/fxaccounts-button.css b/browser/components/aboutlogins/content/components/fxaccounts-button.css index c8925f6fc75d..55c2a8810fa1 100644 --- a/browser/components/aboutlogins/content/components/fxaccounts-button.css +++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css @@ -8,6 +8,11 @@ align-items: center; } +/* Do not promote Mozilla Sync in Tor Browser. */ +.logged-out-view { + display: none !important; +} + .fxaccounts-extra-text { /* Only show at most 3 lines of text to limit the text from overflowing the header. */ diff --git a/browser/components/aboutlogins/content/components/menu-button.css b/browser/components/aboutlogins/content/components/menu-button.css index 99ca6a711093..24cdb48773f9 100644 --- a/browser/components/aboutlogins/content/components/menu-button.css +++ b/browser/components/aboutlogins/content/components/menu-button.css @@ -92,3 +92,13 @@ .menuitem-preferences { background-image: url("chrome://global/skin/icons/settings.svg"); } + +/* + * Do not promote LockWise mobile apps in Tor Browser: hide the menu items + * and the separator line that precedes them. + */ +.menuitem-mobile-android, +.menuitem-mobile-ios, +button[data-event-name="AboutLoginsGetHelp"] + hr { + display: none !important; +}

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40597: Implement TorSettings module
by sysrqb＠torproject.org 03 Dec '21

03 Dec '21

commit dd142c5a83dbee21d4e060bad404e8f20a9e30ab Author: Richard Pospesel <richard(a)torproject.org> Date: Fri Aug 6 16:39:03 2021 +0200 Bug 40597: Implement TorSettings module - migrated in-page settings read/write implementation from about:preferences#tor to the TorSettings module - TorSettings initially loads settings from the tor daemon, and saves them to firefox prefs - TorSettings notifies observers when a setting has changed; currently only QuickStart notification is implemented for parity with previous preference notify logic in about:torconnect and about:preferences#tor - about:preferences#tor, and about:torconnect now read and write settings thorugh the TorSettings module - all tor settings live in the torbrowser.settings.* preference branch - removed unused pref modify permission for about:torconnect content page from AsyncPrefs.jsm --- browser/components/torconnect/TorConnectParent.jsm | 25 +- .../torpreferences/content/parseFunctions.jsm | 89 --- .../torpreferences/content/torBridgeSettings.jsm | 325 -------- .../torpreferences/content/torFirewallSettings.jsm | 72 -- .../components/torpreferences/content/torPane.js | 301 ++++---- .../torpreferences/content/torProxySettings.jsm | 245 ------- browser/components/torpreferences/jar.mn | 12 +- browser/modules/TorConnect.jsm | 47 +- browser/modules/TorSettings.jsm | 814 +++++++++++++++++++++ browser/modules/moz.build | 1 + .../processsingleton/MainProcessSingleton.jsm | 5 + toolkit/modules/AsyncPrefs.jsm | 1 - 12 files changed, 989 insertions(+), 948 deletions(-) diff --git a/browser/components/torconnect/TorConnectParent.jsm b/browser/components/torconnect/TorConnectParent.jsm index 526c588a423e..2fbc2a5c7c7c 100644 --- a/browser/components/torconnect/TorConnectParent.jsm +++ b/browser/components/torconnect/TorConnectParent.jsm @@ -7,10 +7,9 @@ const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); const { TorConnect, TorConnectTopics, TorConnectState } = ChromeUtils.import( "resource:///modules/TorConnect.jsm" ); - -const TorLauncherPrefs = Object.freeze({ - quickstart: "extensions.torlauncher.quickstart", -}); +const { TorSettings, TorSettingsTopics, TorSettingsData } = ChromeUtils.import( + "resource:///modules/TorSettings.jsm" +); /* This object is basically a marshalling interface between the TorConnect module @@ -31,7 +30,7 @@ class TorConnectParent extends JSWindowActorParent { BootstrapProgress: TorConnect.bootstrapProgress, BootstrapStatus: TorConnect.bootstrapStatus, ShowCopyLog: TorConnect.logHasWarningOrError, - QuickStartEnabled: Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false), + QuickStartEnabled: TorSettings.quickstart.enabled, }; // JSWindowActiveParent derived objects cannot observe directly, so create a member @@ -78,9 +77,12 @@ class TorConnectParent extends JSWindowActorParent { // TODO: handle break; } - case "nsPref:changed": { - if (aData === TorLauncherPrefs.quickstart) { - self.state.QuickStartEnabled = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart); + case TorSettingsTopics.SettingChanged:{ + if (aData === TorSettingsData.QuickStartEnabled) { + self.state.QuickStartEnabled = obj.value; + } else { + // this isn't a setting torconnect cares about + return; } break; } @@ -98,7 +100,7 @@ class TorConnectParent extends JSWindowActorParent { const topic = TorConnectTopics[key]; Services.obs.addObserver(this.torConnectObserver, topic); } - Services.prefs.addObserver(TorLauncherPrefs.quickstart, this.torConnectObserver); + Services.obs.addObserver(this.torConnectObserver, TorSettingsTopics.SettingChanged); } willDestroy() { @@ -107,13 +109,14 @@ class TorConnectParent extends JSWindowActorParent { const topic = TorConnectTopics[key]; Services.obs.removeObserver(this.torConnectObserver, topic); } - Services.prefs.removeObserver(TorLauncherPrefs.quickstart, this.torConnectObserver); + Services.obs.removeObserver(this.torConnectObserver, TorSettingsTopics.SettingChanged); } receiveMessage(message) { switch (message.name) { case "torconnect:set-quickstart": - Services.prefs.setBoolPref(TorLauncherPrefs.quickstart, message.data); + TorSettings.quickstart.enabled = message.data; + TorSettings.saveToPrefs().applySettings(); break; case "torconnect:open-tor-preferences": TorConnect.openTorPreferences(); diff --git a/browser/components/torpreferences/content/parseFunctions.jsm b/browser/components/torpreferences/content/parseFunctions.jsm deleted file mode 100644 index 954759de63a5..000000000000 --- a/browser/components/torpreferences/content/parseFunctions.jsm +++ /dev/null @@ -1,89 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "parsePort", - "parseAddrPort", - "parseUsernamePassword", - "parseAddrPortList", - "parseBridgeStrings", - "parsePortList", -]; - -// expects a string representation of an integer from 1 to 65535 -let parsePort = function(aPort) { - // ensure port string is a valid positive integer - const validIntRegex = /^[0-9]+$/; - if (!validIntRegex.test(aPort)) { - throw new Error(`Invalid PORT string : '${aPort}'`); - } - - // ensure port value is on valid range - let port = Number.parseInt(aPort); - if (port < 1 || port > 65535) { - throw new Error( - `Invalid PORT value, needs to be on range [1,65535] : '${port}'` - ); - } - - return port; -}; -// expects a string in the format: "ADDRESS:PORT" -let parseAddrPort = function(aAddrColonPort) { - let tokens = aAddrColonPort.split(":"); - if (tokens.length != 2) { - throw new Error(`Invalid ADDRESS:PORT string : '${aAddrColonPort}'`); - } - let address = tokens[0]; - let port = parsePort(tokens[1]); - return [address, port]; -}; - -// expects a string in the format: "USERNAME:PASSWORD" -// split on the first colon and any subsequent go into password -let parseUsernamePassword = function(aUsernameColonPassword) { - let colonIndex = aUsernameColonPassword.indexOf(":"); - if (colonIndex < 0) { - // we don't log the contents of the potentially password containing string - throw new Error("Invalid USERNAME:PASSWORD string"); - } - - let username = aUsernameColonPassword.substring(0, colonIndex); - let password = aUsernameColonPassword.substring(colonIndex + 1); - - return [username, password]; -}; - -// expects a string in the format: ADDRESS:PORT,ADDRESS:PORT,... -// returns array of ports (as ints) -let parseAddrPortList = function(aAddrPortList) { - let addrPorts = aAddrPortList.split(","); - // parse ADDRESS:PORT string and only keep the port (second element in returned array) - let retval = addrPorts.map(addrPort => parseAddrPort(addrPort)[1]); - return retval; -}; - -// expects a '/n' or '/r/n' delimited bridge string, which we split and trim -// each bridge string can also optionally have 'bridge' at the beginning ie: -// bridge $(type) $(address):$(port) $(certificate) -// we strip out the 'bridge' prefix here -let parseBridgeStrings = function(aBridgeStrings) { - - // replace carriage returns ('\r') with new lines ('\n') - aBridgeStrings = aBridgeStrings.replace(/\r/g, "\n"); - // then replace contiguous new lines ('\n') with a single one - aBridgeStrings = aBridgeStrings.replace(/[\n]+/g, "\n"); - - // split on the newline and for each bridge string: trim, remove starting 'bridge' string - // finally discard entries that are empty strings; empty strings could occur if we receive - // a new line containing only whitespace - let splitStrings = aBridgeStrings.split("\n"); - return splitStrings.map(val => val.trim().replace(/^bridge\s+/i, "")) - .filter(bridgeString => bridgeString != ""); -}; - -// expecting a ',' delimited list of ints with possible white space between -// returns an array of ints -let parsePortList = function(aPortListString) { - let splitStrings = aPortListString.split(","); - return splitStrings.map(val => parsePort(val.trim())); -}; diff --git a/browser/components/torpreferences/content/torBridgeSettings.jsm b/browser/components/torpreferences/content/torBridgeSettings.jsm deleted file mode 100644 index ceb61d3ec972..000000000000 --- a/browser/components/torpreferences/content/torBridgeSettings.jsm +++ /dev/null @@ -1,325 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "TorBridgeSource", - "TorBridgeSettings", - "makeTorBridgeSettingsNone", - "makeTorBridgeSettingsBuiltin", - "makeTorBridgeSettingsBridgeDB", - "makeTorBridgeSettingsUserProvided", -]; - -const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); -const { TorProtocolService } = ChromeUtils.import( - "resource:///modules/TorProtocolService.jsm" -); -const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); - -const TorBridgeSource = { - NONE: "NONE", - BUILTIN: "BUILTIN", - BRIDGEDB: "BRIDGEDB", - USERPROVIDED: "USERPROVIDED", -}; - -class TorBridgeSettings { - constructor() { - this._bridgeSource = TorBridgeSource.NONE; - this._selectedDefaultBridgeType = null; - this._bridgeStrings = []; - } - - get selectedDefaultBridgeType() { - if (this._bridgeSource == TorBridgeSource.BUILTIN) { - return this._selectedDefaultBridgeType; - } - return undefined; - } - - get bridgeSource() { - return this._bridgeSource; - } - - // for display - get bridgeStrings() { - return this._bridgeStrings.join("\n"); - } - - // raw - get bridgeStringsArray() { - return this._bridgeStrings; - } - - static get defaultBridgeTypes() { - if (TorBridgeSettings._defaultBridgeTypes) { - return TorBridgeSettings._defaultBridgeTypes; - } - - let bridgeListBranch = Services.prefs.getBranch( - TorStrings.preferenceBranches.defaultBridge - ); - let bridgePrefs = bridgeListBranch.getChildList("", {}); - - // an unordered set for shoving bridge types into - let bridgeTypes = new Set(); - // look for keys ending in ".N" and treat string before that as the bridge type - const pattern = /\.[0-9]+$/; - for (const key of bridgePrefs) { - const offset = key.search(pattern); - if (offset != -1) { - const bt = key.substring(0, offset); - bridgeTypes.add(bt); - } - } - - // recommended bridge type goes first in the list - let recommendedBridgeType = Services.prefs.getCharPref( - TorStrings.preferenceKeys.recommendedBridgeType, - null - ); - - let retval = []; - if (recommendedBridgeType && bridgeTypes.has(recommendedBridgeType)) { - retval.push(recommendedBridgeType); - } - - for (const bridgeType of bridgeTypes.values()) { - if (bridgeType != recommendedBridgeType) { - retval.push(bridgeType); - } - } - - // cache off - TorBridgeSettings._defaultBridgeTypes = retval; - return retval; - } - - _readDefaultBridges(aBridgeType) { - let bridgeBranch = Services.prefs.getBranch( - TorStrings.preferenceBranches.defaultBridge - ); - let bridgeBranchPrefs = bridgeBranch.getChildList("", {}); - - let retval = []; - - // regex matches against strings ending in ".N" where N is a positive integer - let pattern = /\.[0-9]+$/; - for (const key of bridgeBranchPrefs) { - // verify the location of the match is the correct offset required for aBridgeType - // to fit, and that the string begins with aBridgeType - if ( - key.search(pattern) == aBridgeType.length && - key.startsWith(aBridgeType) - ) { - let bridgeStr = bridgeBranch.getCharPref(key); - retval.push(bridgeStr); - } - } - - // fisher-yates shuffle - // shuffle so that Tor Browser users don't all try the built-in bridges in the same order - for (let i = retval.length - 1; i > 0; --i) { - // number n such that 0.0 <= n < 1.0 - const n = Math.random(); - // integer j such that 0 <= j <= i - const j = Math.floor(n * (i + 1)); - - // swap values at indices i and j - const tmp = retval[i]; - retval[i] = retval[j]; - retval[j] = tmp; - } - - return retval; - } - - _readBridgeDBBridges() { - let bridgeBranch = Services.prefs.getBranch( - `${TorStrings.preferenceBranches.bridgeDBBridges}` - ); - let bridgeBranchPrefs = bridgeBranch.getChildList("", {}); - // the child prefs do not come in any particular order so sort the keys - // so the values can be compared to what we get out off torrc - bridgeBranchPrefs.sort(); - - // just assume all of the prefs under the parent point to valid bridge string - let retval = bridgeBranchPrefs.map(key => - bridgeBranch.getCharPref(key).trim() - ); - - return retval; - } - - _readTorrcBridges() { - let bridgeList = TorProtocolService.readStringArraySetting( - TorStrings.configKeys.bridgeList - ); - - let retval = []; - for (const line of bridgeList) { - let trimmedLine = line.trim(); - if (trimmedLine) { - retval.push(trimmedLine); - } - } - - return retval; - } - - // analagous to initBridgeSettings() - readSettings() { - // restore to defaults - this._bridgeSource = TorBridgeSource.NONE; - this._selectedDefaultBridgeType = null; - this._bridgeStrings = []; - - // So the way tor-launcher determines the origin of the configured bridges is a bit - // weird and depends on inferring our scenario based on some firefox prefs and the - // relationship between the saved list of bridges in about:config vs the list saved in torrc - - // first off, if "extensions.torlauncher.default_bridge_type" is set to one of our - // builtin default types (obfs4, meek-azure, snowflake, etc) then we provide the - // bridges in "extensions.torlauncher.default_bridge.*" (filtered by our default_bridge_type) - - // next, we compare the list of bridges saved in torrc to the bridges stored in the - // "extensions.torlauncher.bridgedb_bridge."" branch. If they match *exactly* then we assume - // the bridges were retrieved from BridgeDB and use those. If the torrc list is empty then we know - // we have no bridge settings - - // finally, if none of the previous conditions are not met, it is assumed the bridges stored in - // torrc are user-provided - - // what we should(?) do once we excise tor-launcher entirely is explicitly store an int/enum in - // about:config that tells us which scenario we are in so we don't have to guess - - let defaultBridgeType = Services.prefs.getCharPref( - TorStrings.preferenceKeys.defaultBridgeType, - null - ); - - // check if source is BUILTIN - if (defaultBridgeType) { - this._bridgeStrings = this._readDefaultBridges(defaultBridgeType); - this._bridgeSource = TorBridgeSource.BUILTIN; - this._selectedDefaultBridgeType = defaultBridgeType; - return; - } - - let torrcBridges = this._readTorrcBridges(); - - // no stored bridges means no bridge is in use - if (torrcBridges.length == 0) { - this._bridgeStrings = []; - this._bridgeSource = TorBridgeSource.NONE; - return; - } - - let bridgedbBridges = this._readBridgeDBBridges(); - - // if these two lists are equal then we got our bridges from bridgedb - // ie: same element in identical order - let arraysEqual = (left, right) => { - if (left.length != right.length) { - return false; - } - const length = left.length; - for (let i = 0; i < length; ++i) { - if (left[i] != right[i]) { - return false; - } - } - return true; - }; - - // agreement between prefs and torrc means bridgedb bridges - if (arraysEqual(torrcBridges, bridgedbBridges)) { - this._bridgeStrings = torrcBridges; - this._bridgeSource = TorBridgeSource.BRIDGEDB; - return; - } - - // otherwise they must be user provided - this._bridgeStrings = torrcBridges; - this._bridgeSource = TorBridgeSource.USERPROVIDED; - } - - writeSettings() { - let settingsObject = new Map(); - - // init tor bridge settings to null - settingsObject.set(TorStrings.configKeys.useBridges, null); - settingsObject.set(TorStrings.configKeys.bridgeList, null); - - // clear bridge related firefox prefs - Services.prefs.setCharPref(TorStrings.preferenceKeys.defaultBridgeType, ""); - let bridgeBranch = Services.prefs.getBranch( - `${TorStrings.preferenceBranches.bridgeDBBridges}` - ); - let bridgeBranchPrefs = bridgeBranch.getChildList("", {}); - for (const pref of bridgeBranchPrefs) { - Services.prefs.clearUserPref( - `${TorStrings.preferenceBranches.bridgeDBBridges}${pref}` - ); - } - - switch (this._bridgeSource) { - case TorBridgeSource.BUILTIN: - // set builtin bridge type to use in prefs - Services.prefs.setCharPref( - TorStrings.preferenceKeys.defaultBridgeType, - this._selectedDefaultBridgeType - ); - break; - case TorBridgeSource.BRIDGEDB: - // save bridges off to prefs - for (let i = 0; i < this.bridgeStringsArray.length; ++i) { - Services.prefs.setCharPref( - `${TorStrings.preferenceBranches.bridgeDBBridges}${i}`, - this.bridgeStringsArray[i] - ); - } - break; - } - - // write over our bridge list if bridges are enabled - if (this._bridgeSource != TorBridgeSource.NONE) { - settingsObject.set(TorStrings.configKeys.useBridges, true); - settingsObject.set( - TorStrings.configKeys.bridgeList, - this.bridgeStringsArray - ); - } - TorProtocolService.writeSettings(settingsObject); - } -} - -function makeTorBridgeSettingsNone() { - return new TorBridgeSettings(); -} - -function makeTorBridgeSettingsBuiltin(aBridgeType) { - let retval = new TorBridgeSettings(); - retval._bridgeSource = TorBridgeSource.BUILTIN; - retval._selectedDefaultBridgeType = aBridgeType; - retval._bridgeStrings = retval._readDefaultBridges(aBridgeType); - - return retval; -} - -function makeTorBridgeSettingsBridgeDB(aBridges) { - let retval = new TorBridgeSettings(); - retval._bridgeSource = TorBridgeSource.BRIDGEDB; - retval._selectedDefaultBridgeType = null; - retval._bridgeStrings = aBridges; - - return retval; -} - -function makeTorBridgeSettingsUserProvided(aBridges) { - let retval = new TorBridgeSettings(); - retval._bridgeSource = TorBridgeSource.USERPROVIDED; - retval._selectedDefaultBridgeType = null; - retval._bridgeStrings = aBridges; - - return retval; -} diff --git a/browser/components/torpreferences/content/torFirewallSettings.jsm b/browser/components/torpreferences/content/torFirewallSettings.jsm deleted file mode 100644 index e77f18ef2fae..000000000000 --- a/browser/components/torpreferences/content/torFirewallSettings.jsm +++ /dev/null @@ -1,72 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "TorFirewallSettings", - "makeTorFirewallSettingsNone", - "makeTorFirewallSettingsCustom", -]; - -const { TorProtocolService } = ChromeUtils.import( - "resource:///modules/TorProtocolService.jsm" -); -const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); -const { parseAddrPortList } = ChromeUtils.import( - "chrome://browser/content/torpreferences/parseFunctions.jsm" -); - -class TorFirewallSettings { - constructor() { - this._allowedPorts = []; - } - - get portsConfigurationString() { - let portStrings = this._allowedPorts.map(port => `*:${port}`); - return portStrings.join(","); - } - - get commaSeparatedListString() { - return this._allowedPorts.join(","); - } - - get hasPorts() { - return this._allowedPorts.length > 0; - } - - readSettings() { - let addressPortList = TorProtocolService.readStringSetting( - TorStrings.configKeys.reachableAddresses - ); - - let allowedPorts = []; - if (addressPortList) { - allowedPorts = parseAddrPortList(addressPortList); - } - this._allowedPorts = allowedPorts; - } - - writeSettings() { - let settingsObject = new Map(); - - // init to null so Tor daemon resets if no ports - settingsObject.set(TorStrings.configKeys.reachableAddresses, null); - - if (this._allowedPorts.length > 0) { - settingsObject.set( - TorStrings.configKeys.reachableAddresses, - this.portsConfigurationString - ); - } - - TorProtocolService.writeSettings(settingsObject); - } -} - -function makeTorFirewallSettingsNone() { - return new TorFirewallSettings(); -} - -function makeTorFirewallSettingsCustom(aPortsList) { - let retval = new TorFirewallSettings(); - retval._allowedPorts = aPortsList; - return retval; -} diff --git a/browser/components/torpreferences/content/torPane.js b/browser/components/torpreferences/content/torPane.js index 1f169cbe1a55..6905cbe473ac 100644 --- a/browser/components/torpreferences/content/torPane.js +++ b/browser/components/torpreferences/content/torPane.js @@ -2,6 +2,10 @@ /* global Services */ +const { TorSettings, TorSettingsTopics, TorSettingsData, TorBridgeSource, TorBuiltinBridgeTypes, TorProxyType } = ChromeUtils.import( + "resource:///modules/TorSettings.jsm" +); + const { TorProtocolService } = ChromeUtils.import( "resource:///modules/TorProtocolService.jsm" ); @@ -10,35 +14,6 @@ const { TorConnect, TorConnectTopics, TorConnectState } = ChromeUtils.import( "resource:///modules/TorConnect.jsm" ); -const { - TorBridgeSource, - TorBridgeSettings, - makeTorBridgeSettingsNone, - makeTorBridgeSettingsBuiltin, - makeTorBridgeSettingsBridgeDB, - makeTorBridgeSettingsUserProvided, -} = ChromeUtils.import( - "chrome://browser/content/torpreferences/torBridgeSettings.jsm" -); - -const { - TorProxyType, - TorProxySettings, - makeTorProxySettingsNone, - makeTorProxySettingsSocks4, - makeTorProxySettingsSocks5, - makeTorProxySettingsHTTPS, -} = ChromeUtils.import( - "chrome://browser/content/torpreferences/torProxySettings.jsm" -); -const { - TorFirewallSettings, - makeTorFirewallSettingsNone, - makeTorFirewallSettingsCustom, -} = ChromeUtils.import( - "chrome://browser/content/torpreferences/torFirewallSettings.jsm" -); - const { TorLogDialog } = ChromeUtils.import( "chrome://browser/content/torpreferences/torLogDialog.jsm" ); @@ -53,14 +28,6 @@ ChromeUtils.defineModuleGetter( "resource:///modules/TorStrings.jsm" ); -const { parsePort, parseBridgeStrings, parsePortList } = ChromeUtils.import( - "chrome://browser/content/torpreferences/parseFunctions.jsm" -); - -const TorLauncherPrefs = { - quickstart: "extensions.torlauncher.quickstart", -} - /* Tor Pane @@ -261,10 +228,11 @@ const gTorPane = (function() { ); this._enableQuickstartCheckbox.addEventListener("command", e => { const checked = this._enableQuickstartCheckbox.checked; - Services.prefs.setBoolPref(TorLauncherPrefs.quickstart, checked); + TorSettings.quickstart.enabled = checked; + TorSettings.saveToPrefs().applySettings(); }); - this._enableQuickstartCheckbox.checked = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart); - Services.prefs.addObserver(TorLauncherPrefs.quickstart, this); + this._enableQuickstartCheckbox.checked = TorSettings.quickstart.enabled; + Services.obs.addObserver(this, TorSettingsTopics.SettingChanged); // Bridge setup prefpane.querySelector(selectors.bridges.header).innerText = @@ -291,7 +259,7 @@ const gTorPane = (function() { this._bridgeSelectionRadiogroup = prefpane.querySelector( selectors.bridges.bridgeSelectionRadiogroup ); - this._bridgeSelectionRadiogroup.value = TorBridgeSource.BUILTIN; + this._bridgeSelectionRadiogroup.value = TorBridgeSource.BuiltIn; this._bridgeSelectionRadiogroup.addEventListener("command", e => { const value = this._bridgeSelectionRadiogroup.value; gTorPane.onSelectBridgeOption(value).onUpdateBridgeSettings(); @@ -305,7 +273,7 @@ const gTorPane = (function() { "label", TorStrings.settings.selectBridge ); - this._builtinBridgeOption.setAttribute("value", TorBridgeSource.BUILTIN); + this._builtinBridgeOption.setAttribute("value", TorBridgeSource.BuiltIn); this._builtinBridgeMenulist = prefpane.querySelector( selectors.bridges.builtinBridgeList ); @@ -321,7 +289,7 @@ const gTorPane = (function() { "label", TorStrings.settings.requestBridgeFromTorProject ); - this._requestBridgeOption.setAttribute("value", TorBridgeSource.BRIDGEDB); + this._requestBridgeOption.setAttribute("value", TorBridgeSource.BridgeDB); this._requestBridgeButton = prefpane.querySelector( selectors.bridges.requestBridgeButton ); @@ -346,7 +314,7 @@ const gTorPane = (function() { ); this._provideBridgeOption.setAttribute( "value", - TorBridgeSource.USERPROVIDED + TorBridgeSource.UserProvided ); prefpane.querySelector( selectors.bridges.provideBridgeDescription @@ -395,11 +363,11 @@ const gTorPane = (function() { let mockProxies = [ { - value: TorProxyType.SOCKS4, + value: TorProxyType.Socks4, label: TorStrings.settings.proxyTypeSOCKS4, }, { - value: TorProxyType.SOCKS5, + value: TorProxyType.Socks5, label: TorStrings.settings.proxyTypeSOCKS5, }, { value: TorProxyType.HTTPS, label: TorStrings.settings.proxyTypeHTTP }, @@ -550,12 +518,8 @@ const gTorPane = (function() { true ); - // load bridge settings - let torBridgeSettings = new TorBridgeSettings(); - torBridgeSettings.readSettings(); - - // populate the bridge list - for (let currentBridge of TorBridgeSettings.defaultBridgeTypes) { + // init bridge UI + for (let currentBridge of TorBuiltinBridgeTypes) { let menuEntry = document.createXULElement("menuitem"); menuEntry.setAttribute("value", currentBridge); menuEntry.setAttribute("label", currentBridge); @@ -564,53 +528,41 @@ const gTorPane = (function() { .appendChild(menuEntry); } - this.onSelectBridgeOption(torBridgeSettings.bridgeSource); - this.onToggleBridge( - torBridgeSettings.bridgeSource != TorBridgeSource.NONE - ); - switch (torBridgeSettings.bridgeSource) { - case TorBridgeSource.NONE: - break; - case TorBridgeSource.BUILTIN: - this._builtinBridgeMenulist.value = - torBridgeSettings.selectedDefaultBridgeType; - break; - case TorBridgeSource.BRIDGEDB: - this._requestBridgeTextarea.value = torBridgeSettings.bridgeStrings; - break; - case TorBridgeSource.USERPROVIDED: - this._provideBridgeTextarea.value = torBridgeSettings.bridgeStrings; - break; + if (TorSettings.bridges.enabled) { + this.onSelectBridgeOption(TorSettings.bridges.source); + this.onToggleBridge( + TorSettings.bridges.source != TorBridgeSource.Invalid + ); + switch (TorSettings.bridges.source) { + case TorBridgeSource.Invalid: + break; + case TorBridgeSource.BuiltIn: + this._builtinBridgeMenulist.value = TorSettings.bridges.builtin_type; + break; + case TorBridgeSource.BridgeDB: + this._requestBridgeTextarea.value = TorSettings.bridges.bridge_strings.join("\n"); + break; + case TorBridgeSource.UserProvided: + this._provideBridgeTextarea.value = TorSettings.bridges.bridge_strings.join("\n"); + break; + } } - this._bridgeSettings = torBridgeSettings; - - // load proxy settings - let torProxySettings = new TorProxySettings(); - torProxySettings.readSettings(); - - if (torProxySettings.type != TorProxyType.NONE) { + // init proxy UI + if (TorSettings.proxy.enabled) { this.onToggleProxy(true); - this.onSelectProxyType(torProxySettings.type); - this._proxyAddressTextbox.value = torProxySettings.address; - this._proxyPortTextbox.value = torProxySettings.port; - this._proxyUsernameTextbox.value = torProxySettings.username; - this._proxyPasswordTextbox.value = torProxySettings.password; + this.onSelectProxyType(TorSettings.proxy.type); + this._proxyAddressTextbox.value = TorSettings.proxy.address; + this._proxyPortTextbox.value = TorSettings.proxy.port; + this._proxyUsernameTextbox.value = TorSettings.proxy.username; + this._proxyPasswordTextbox.value = TorSettings.proxy.password; } - this._proxySettings = torProxySettings; - - // load firewall settings - let torFirewallSettings = new TorFirewallSettings(); - torFirewallSettings.readSettings(); - - if (torFirewallSettings.hasPorts) { + // init firewall + if (TorSettings.firewall.enabled) { this.onToggleFirewall(true); - this._allowedPortsTextbox.value = - torFirewallSettings.commaSeparatedListString; + this._allowedPortsTextbox.value = TorSettings.firewall.allowed_ports.join(", "); } - - this._firewallSettings = torFirewallSettings; }, init() { @@ -683,13 +635,17 @@ const gTorPane = (function() { if (enabled) { this.onSelectBridgeOption(this._bridgeSelectionRadiogroup.value); } else { - this.onSelectBridgeOption(TorBridgeSource.NONE); + this.onSelectBridgeOption(TorBridgeSource.Invalid); } return this; }, // callback when a bridge option is selected onSelectBridgeOption(source) { + if (typeof source === "string") { + source = parseInt(source); + } + // disable all of the bridge elements under radio buttons this._setElementsDisabled( [ @@ -701,23 +657,23 @@ const gTorPane = (function() { true ); - if (source != TorBridgeSource.NONE) { + if (source != TorBridgeSource.Invalid) { this._bridgeSelectionRadiogroup.value = source; } switch (source) { - case TorBridgeSource.BUILTIN: { + case TorBridgeSource.BuiltIn: { this._setElementsDisabled([this._builtinBridgeMenulist], false); break; } - case TorBridgeSource.BRIDGEDB: { + case TorBridgeSource.BridgeDB: { this._setElementsDisabled( [this._requestBridgeButton, this._requestBridgeTextarea], false ); break; } - case TorBridgeSource.USERPROVIDED: { + case TorBridgeSource.UserProvided: { this._setElementsDisabled([this._provideBridgeTextarea], false); break; } @@ -730,14 +686,17 @@ const gTorPane = (function() { let requestBridgeDialog = new RequestBridgeDialog(); requestBridgeDialog.openDialog( gSubDialog, - this._proxySettings.proxyURI, + TorSettings.proxy.uri, aBridges => { if (aBridges.length > 0) { - let bridgeSettings = makeTorBridgeSettingsBridgeDB(aBridges); - bridgeSettings.writeSettings(); - this._bridgeSettings = bridgeSettings; - - this._requestBridgeTextarea.value = bridgeSettings.bridgeStrings; + let bridgeStrings = aBridges.join("\n"); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.BridgeDB; + TorSettings.bridges.bridge_strings = bridgeStrings; + TorSettings.saveToPrefs(); + TorSettings.applySettings().then((result) => { + this._requestBridgeTextarea.value = bridgeStrings; + }); } } ); @@ -746,53 +705,56 @@ const gTorPane = (function() { // pushes bridge settings from UI to tor onUpdateBridgeSettings() { - let bridgeSettings = null; - let source = this._useBridgeCheckbox.checked - ? this._bridgeSelectionRadiogroup.value - : TorBridgeSource.NONE; + ? parseInt(this._bridgeSelectionRadiogroup.value) + : TorBridgeSource.Invalid; + switch (source) { - case TorBridgeSource.NONE: { - bridgeSettings = makeTorBridgeSettingsNone(); - break; + case TorBridgeSource.Invalid: { + TorSettings.bridges.enabled = false; } - case TorBridgeSource.BUILTIN: { + break; + case TorBridgeSource.BuiltIn: { // if there is a built-in bridge already selected, use that let bridgeType = this._builtinBridgeMenulist.value; + console.log(`bridge type: ${bridgeType}`); if (bridgeType) { - bridgeSettings = makeTorBridgeSettingsBuiltin(bridgeType); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.BuiltIn; + TorSettings.bridges.builtin_type = bridgeType; } else { - bridgeSettings = makeTorBridgeSettingsNone(); + TorSettings.bridges.enabled = false; } break; } - case TorBridgeSource.BRIDGEDB: { + case TorBridgeSource.BridgeDB: { // if there are bridgedb bridges saved in the text area, use them let bridgeStrings = this._requestBridgeTextarea.value; if (bridgeStrings) { - let bridgeStringList = parseBridgeStrings(bridgeStrings); - bridgeSettings = makeTorBridgeSettingsBridgeDB(bridgeStringList); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.BridgeDB; + TorSettings.bridges.bridge_strings = bridgeStrings; } else { - bridgeSettings = makeTorBridgeSettingsNone(); + TorSettings.bridges.enabled = false; } break; } - case TorBridgeSource.USERPROVIDED: { + case TorBridgeSource.UserProvided: { // if bridges already exist in the text area, use them let bridgeStrings = this._provideBridgeTextarea.value; if (bridgeStrings) { - let bridgeStringList = parseBridgeStrings(bridgeStrings); - bridgeSettings = makeTorBridgeSettingsUserProvided( - bridgeStringList - ); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.UserProvided; + TorSettings.bridges.bridge_strings = bridgeStrings; } else { - bridgeSettings = makeTorBridgeSettingsNone(); + TorSettings.bridges.enabled = false; } break; } } - bridgeSettings.writeSettings(); - this._bridgeSettings = bridgeSettings; + TorSettings.saveToPrefs(); + TorSettings.applySettings(); + return this; }, @@ -822,12 +784,13 @@ const gTorPane = (function() { // callback when proxy type is changed onSelectProxyType(value) { - if (value == "") { - value = TorProxyType.NONE; + if (typeof value === "string") { + value = parseInt(value); } + this._proxyTypeMenulist.value = value; switch (value) { - case TorProxyType.NONE: { + case TorProxyType.Invalid: { this._setElementsDisabled( [ this._proxyAddressLabel, @@ -848,7 +811,7 @@ const gTorPane = (function() { this._proxyPasswordTextbox.value = ""; break; } - case TorProxyType.SOCKS4: { + case TorProxyType.Socks4: { this._setElementsDisabled( [ this._proxyAddressLabel, @@ -872,7 +835,7 @@ const gTorPane = (function() { this._proxyPasswordTextbox.value = ""; break; } - case TorProxyType.SOCKS5: + case TorProxyType.Socks5: case TorProxyType.HTTPS: { this._setElementsDisabled( [ @@ -895,46 +858,45 @@ const gTorPane = (function() { // pushes proxy settings from UI to tor onUpdateProxySettings() { - const proxyType = this._useProxyCheckbox.checked - ? this._proxyTypeMenulist.value - : TorProxyType.NONE; - const addressString = this._proxyAddressTextbox.value; - const portString = this._proxyPortTextbox.value; - const usernameString = this._proxyUsernameTextbox.value; - const passwordString = this._proxyPasswordTextbox.value; - - let proxySettings = null; - - switch (proxyType) { - case TorProxyType.NONE: - proxySettings = makeTorProxySettingsNone(); + const type = this._useProxyCheckbox.checked + ? parseInt(this._proxyTypeMenulist.value) + : TorProxyType.Invalid; + const address = this._proxyAddressTextbox.value; + const port = this._proxyPortTextbox.value; + const username = this._proxyUsernameTextbox.value; + const password = this._proxyPasswordTextbox.value; + + switch (type) { + case TorProxyType.Invalid: + TorSettings.proxy.enabled = false; break; - case TorProxyType.SOCKS4: - proxySettings = makeTorProxySettingsSocks4( - addressString, - parsePort(portString) - ); + case TorProxyType.Socks4: + TorSettings.proxy.enabled = true; + TorSettings.proxy.type = type; + TorSettings.proxy.address = address; + TorSettings.proxy.port = port; + break; - case TorProxyType.SOCKS5: - proxySettings = makeTorProxySettingsSocks5( - addressString, - parsePort(portString), - usernameString, - passwordString - ); + case TorProxyType.Socks5: + TorSettings.proxy.enabled = true; + TorSettings.proxy.type = type; + TorSettings.proxy.address = address; + TorSettings.proxy.port = port; + TorSettings.proxy.username = username; + TorSettings.proxy.password = password; break; case TorProxyType.HTTPS: - proxySettings = makeTorProxySettingsHTTPS( - addressString, - parsePort(portString), - usernameString, - passwordString - ); + TorSettings.proxy.enabled = true; + TorSettings.proxy.type = type; + TorSettings.proxy.address = address; + TorSettings.proxy.port = port; + TorSettings.proxy.username = username; + TorSettings.proxy.password = password; break; } + TorSettings.saveToPrefs(); + TorSettings.applySettings(); - proxySettings.writeSettings(); - this._proxySettings = proxySettings; return this; }, @@ -953,21 +915,20 @@ const gTorPane = (function() { // pushes firewall settings from UI to tor onUpdateFirewallSettings() { + let portListString = this._useFirewallCheckbox.checked ? this._allowedPortsTextbox.value : ""; - let firewallSettings = null; if (portListString) { - firewallSettings = makeTorFirewallSettingsCustom( - parsePortList(portListString) - ); + TorSettings.firewall.enabled = true; + TorSettings.firewall.allowed_ports = portListString; } else { - firewallSettings = makeTorFirewallSettingsNone(); + TorSettings.firewall.enabled = false; } + TorSettings.saveToPrefs(); + TorSettings.applySettings(); - firewallSettings.writeSettings(); - this._firewallSettings = firewallSettings; return this; }, diff --git a/browser/components/torpreferences/content/torProxySettings.jsm b/browser/components/torpreferences/content/torProxySettings.jsm deleted file mode 100644 index 98bb5e8d5cbf..000000000000 --- a/browser/components/torpreferences/content/torProxySettings.jsm +++ /dev/null @@ -1,245 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "TorProxyType", - "TorProxySettings", - "makeTorProxySettingsNone", - "makeTorProxySettingsSocks4", - "makeTorProxySettingsSocks5", - "makeTorProxySettingsHTTPS", -]; - -const { TorProtocolService } = ChromeUtils.import( - "resource:///modules/TorProtocolService.jsm" -); -const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); -const { parseAddrPort, parseUsernamePassword } = ChromeUtils.import( - "chrome://browser/content/torpreferences/parseFunctions.jsm" -); - -const TorProxyType = { - NONE: "NONE", - SOCKS4: "SOCKS4", - SOCKS5: "SOCKS5", - HTTPS: "HTTPS", -}; - -class TorProxySettings { - constructor() { - this._proxyType = TorProxyType.NONE; - this._proxyAddress = undefined; - this._proxyPort = undefined; - this._proxyUsername = undefined; - this._proxyPassword = undefined; - } - - get type() { - return this._proxyType; - } - get address() { - return this._proxyAddress; - } - get port() { - return this._proxyPort; - } - get username() { - return this._proxyUsername; - } - get password() { - return this._proxyPassword; - } - get proxyURI() { - switch (this._proxyType) { - case TorProxyType.SOCKS4: - return `socks4a://${this._proxyAddress}:${this._proxyPort}`; - case TorProxyType.SOCKS5: - if (this._proxyUsername) { - return `socks5://${this._proxyUsername}:${this._proxyPassword}@${ - this._proxyAddress - }:${this._proxyPort}`; - } - return `socks5://${this._proxyAddress}:${this._proxyPort}`; - case TorProxyType.HTTPS: - if (this._proxyUsername) { - return `http://${this._proxyUsername}:${this._proxyPassword}@${ - this._proxyAddress - }:${this._proxyPort}`; - } - return `http://${this._proxyAddress}:${this._proxyPort}`; - } - return undefined; - } - - // attempts to read proxy settings from Tor daemon - readSettings() { - // SOCKS4 - { - let addressPort = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks4Proxy - ); - if (addressPort) { - // address+port - let [proxyAddress, proxyPort] = parseAddrPort(addressPort); - - this._proxyType = TorProxyType.SOCKS4; - this._proxyAddress = proxyAddress; - this._proxyPort = proxyPort; - this._proxyUsername = ""; - this._proxyPassword = ""; - - return; - } - } - - // SOCKS5 - { - let addressPort = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks5Proxy - ); - - if (addressPort) { - // address+port - let [proxyAddress, proxyPort] = parseAddrPort(addressPort); - // username - let proxyUsername = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks5ProxyUsername - ); - // password - let proxyPassword = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks5ProxyPassword - ); - - this._proxyType = TorProxyType.SOCKS5; - this._proxyAddress = proxyAddress; - this._proxyPort = proxyPort; - this._proxyUsername = proxyUsername; - this._proxyPassword = proxyPassword; - - return; - } - } - - // HTTP - { - let addressPort = TorProtocolService.readStringSetting( - TorStrings.configKeys.httpsProxy - ); - - if (addressPort) { - // address+port - let [proxyAddress, proxyPort] = parseAddrPort(addressPort); - - // username:password - let proxyAuthenticator = TorProtocolService.readStringSetting( - TorStrings.configKeys.httpsProxyAuthenticator - ); - - let [proxyUsername, proxyPassword] = ["", ""]; - if (proxyAuthenticator) { - [proxyUsername, proxyPassword] = parseUsernamePassword( - proxyAuthenticator - ); - } - - this._proxyType = TorProxyType.HTTPS; - this._proxyAddress = proxyAddress; - this._proxyPort = proxyPort; - this._proxyUsername = proxyUsername; - this._proxyPassword = proxyPassword; - } - } - // no proxy settings - } /* TorProxySettings::ReadFromTor() */ - - // attempts to write proxy settings to Tor daemon - // throws on error - writeSettings() { - let settingsObject = new Map(); - - // init proxy related settings to null so Tor daemon resets them - settingsObject.set(TorStrings.configKeys.socks4Proxy, null); - settingsObject.set(TorStrings.configKeys.socks5Proxy, null); - settingsObject.set(TorStrings.configKeys.socks5ProxyUsername, null); - settingsObject.set(TorStrings.configKeys.socks5ProxyPassword, null); - settingsObject.set(TorStrings.configKeys.httpsProxy, null); - settingsObject.set(TorStrings.configKeys.httpsProxyAuthenticator, null); - - switch (this._proxyType) { - case TorProxyType.SOCKS4: - settingsObject.set( - TorStrings.configKeys.socks4Proxy, - `${this._proxyAddress}:${this._proxyPort}` - ); - break; - case TorProxyType.SOCKS5: - settingsObject.set( - TorStrings.configKeys.socks5Proxy, - `${this._proxyAddress}:${this._proxyPort}` - ); - settingsObject.set( - TorStrings.configKeys.socks5ProxyUsername, - this._proxyUsername - ); - settingsObject.set( - TorStrings.configKeys.socks5ProxyPassword, - this._proxyPassword - ); - break; - case TorProxyType.HTTPS: - settingsObject.set( - TorStrings.configKeys.httpsProxy, - `${this._proxyAddress}:${this._proxyPort}` - ); - settingsObject.set( - TorStrings.configKeys.httpsProxyAuthenticator, - `${this._proxyUsername}:${this._proxyPassword}` - ); - break; - } - - TorProtocolService.writeSettings(settingsObject); - } /* TorProxySettings::WriteToTor() */ -} - -// factory methods for our various supported proxies -function makeTorProxySettingsNone() { - return new TorProxySettings(); -} - -function makeTorProxySettingsSocks4(aProxyAddress, aProxyPort) { - let retval = new TorProxySettings(); - retval._proxyType = TorProxyType.SOCKS4; - retval._proxyAddress = aProxyAddress; - retval._proxyPort = aProxyPort; - return retval; -} - -function makeTorProxySettingsSocks5( - aProxyAddress, - aProxyPort, - aProxyUsername, - aProxyPassword -) { - let retval = new TorProxySettings(); - retval._proxyType = TorProxyType.SOCKS5; - retval._proxyAddress = aProxyAddress; - retval._proxyPort = aProxyPort; - retval._proxyUsername = aProxyUsername; - retval._proxyPassword = aProxyPassword; - return retval; -} - -function makeTorProxySettingsHTTPS( - aProxyAddress, - aProxyPort, - aProxyUsername, - aProxyPassword -) { - let retval = new TorProxySettings(); - retval._proxyType = TorProxyType.HTTPS; - retval._proxyAddress = aProxyAddress; - retval._proxyPort = aProxyPort; - retval._proxyUsername = aProxyUsername; - retval._proxyPassword = aProxyPassword; - return retval; -} diff --git a/browser/components/torpreferences/jar.mn b/browser/components/torpreferences/jar.mn index 857bc9ee3eac..552c92b2feff 100644 --- a/browser/components/torpreferences/jar.mn +++ b/browser/components/torpreferences/jar.mn @@ -1,14 +1,10 @@ browser.jar: - content/browser/torpreferences/parseFunctions.jsm (content/parseFunctions.jsm) - content/browser/torpreferences/requestBridgeDialog.xhtml (content/requestBridgeDialog.xhtml) + content/browser/torpreferences/requestBridgeDialog.xhtml (content/requestBridgeDialog.xhtml) content/browser/torpreferences/requestBridgeDialog.jsm (content/requestBridgeDialog.jsm) - content/browser/torpreferences/torBridgeSettings.jsm (content/torBridgeSettings.jsm) - content/browser/torpreferences/torCategory.inc.xhtml (content/torCategory.inc.xhtml) - content/browser/torpreferences/torFirewallSettings.jsm (content/torFirewallSettings.jsm) + content/browser/torpreferences/torCategory.inc.xhtml (content/torCategory.inc.xhtml) content/browser/torpreferences/torLogDialog.jsm (content/torLogDialog.jsm) - content/browser/torpreferences/torLogDialog.xhtml (content/torLogDialog.xhtml) + content/browser/torpreferences/torLogDialog.xhtml (content/torLogDialog.xhtml) content/browser/torpreferences/torPane.js (content/torPane.js) - content/browser/torpreferences/torPane.xhtml (content/torPane.xhtml) + content/browser/torpreferences/torPane.xhtml (content/torPane.xhtml) content/browser/torpreferences/torPreferences.css (content/torPreferences.css) content/browser/torpreferences/torPreferencesIcon.svg (content/torPreferencesIcon.svg) - content/browser/torpreferences/torProxySettings.jsm (content/torProxySettings.jsm) diff --git a/browser/modules/TorConnect.jsm b/browser/modules/TorConnect.jsm index 19a3f595d490..e7b8b364db86 100644 --- a/browser/modules/TorConnect.jsm +++ b/browser/modules/TorConnect.jsm @@ -18,6 +18,10 @@ const { TorLauncherUtil } = ChromeUtils.import( "resource://torlauncher/modules/tl-util.jsm" ); +const { TorSettings, TorSettingsTopics } = ChromeUtils.import( + "resource:///modules/TorSettings.jsm" +); + /* Browser observer topis */ const BrowserTopics = Object.freeze({ ProfileAfterChange: "profile-after-change", @@ -25,7 +29,6 @@ const BrowserTopics = Object.freeze({ /* tor-launcher observer topics */ const TorTopics = Object.freeze({ - ProcessIsReady: "TorProcessIsReady", BootstrapStatus: "TorBootstrapStatus", BootstrapError: "TorBootstrapError", ProcessExited: "TorProcessExited", @@ -34,7 +37,6 @@ const TorTopics = Object.freeze({ /* Relevant prefs used by tor-launcher */ const TorLauncherPrefs = Object.freeze({ - quickstart: "extensions.torlauncher.quickstart", prompt_at_startup: "extensions.torlauncher.prompt_at_startup", }); @@ -250,38 +252,29 @@ const TorConnect = (() => { // Disabled this.legacyOrSystemTor(); } else { - // register the Tor topics we always care about - for (const topicKey in TorTopics) { - const topic = TorTopics[topicKey]; + let observeTopic = (topic) => { Services.obs.addObserver(this, topic); console.log(`TorConnect: observing topic '${topic}'`); - } + }; - if (TorProtocolService.torProcessStatus == TorProcessStatus.Running) { - if (this.shouldQuickStart) { - // Quickstart - this.beginBootstrap(); - } else { - // Configuring - this.beginConfigure(); - } + // register the Tor topics we always care about + for (const topicKey in TorTopics) { + const topic = TorTopics[topicKey]; + observeTopic(topic); } + observeTopic(TorSettingsTopics.Ready); } - Services.obs.removeObserver(this, topic); break; } - /* Transition out of Initial if Tor daemon wasn't running yet in BrowserTopics.ProfileAfterChange */ - case TorTopics.ProcessIsReady: { - if (this.state === TorConnectState.Initial) - { - if (this.shouldQuickStart) { - // Quickstart - this.beginBootstrap(); - } else { - // Configuring - this.beginConfigure(); - } + /* We need to wait until TorSettings have been loaded and applied before we can Quickstart */ + case TorSettingsTopics.Ready: { + if (this.shouldQuickStart) { + // Quickstart + this.beginBootstrap(); + } else { + // Configuring + this.beginConfigure(); } break; } @@ -342,7 +335,7 @@ const TorConnect = (() => { get shouldQuickStart() { // quickstart must be enabled - return Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false) && + return TorSettings.quickstart.enabled && // and the previous bootstrap attempt must have succeeded !Services.prefs.getBoolPref(TorLauncherPrefs.prompt_at_startup, true); }, diff --git a/browser/modules/TorSettings.jsm b/browser/modules/TorSettings.jsm new file mode 100644 index 000000000000..6d2a6c4a07cf --- /dev/null +++ b/browser/modules/TorSettings.jsm @@ -0,0 +1,814 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorSettings", "TorSettingsTopics", "TorSettingsData", "TorBridgeSource", "TorBuiltinBridgeTypes", "TorProxyType"]; + +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); + +const { TorProtocolService, TorProcessStatus } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + +/* Browser observer topics */ +const BrowserTopics = Object.freeze({ + ProfileAfterChange: "profile-after-change", +}); + +/* tor-launcher observer topics */ +const TorTopics = Object.freeze({ + ProcessIsReady: "TorProcessIsReady", +}); + +/* TorSettings observer topics */ +const TorSettingsTopics = Object.freeze({ + Ready: "torsettings:ready", + SettingChanged: "torsettings:setting-changed", +}); + +/* TorSettings observer data (for SettingChanged topic) */ +const TorSettingsData = Object.freeze({ + QuickStartEnabled : "torsettings:quickstart_enabled", +}); + +/* Prefs used to store settings in TorBrowser prefs */ +const TorSettingsPrefs = Object.freeze({ + /* bool: are we pulling tor settings from the preferences */ + enabled: 'torbrowser.settings.enabled', + quickstart : { + /* bool: does tor connect automatically on launch */ + enabled: 'torbrowser.settings.quickstart.enabled', + }, + bridges : { + /* bool: does tor use bridges */ + enabled : 'torbrowser.settings.bridges.enabled', + /* int: -1=invalid|0=builtin|1=bridge_db|2=user_provided */ + source : 'torbrowser.settings.bridges.source', + /* string: obfs4|meek_azure|snowflake|etc */ + builtin_type : 'torbrowser.settings.bridges.builtin_type', + /* preference branch: each child branch should be a bridge string */ + bridge_strings : 'torbrowser.settings.bridges.bridge_strings', + }, + proxy : { + /* bool: does tor use a proxy */ + enabled : 'torbrowser.settings.proxy.enabled', + /* -1=invalid|0=socks4,1=socks5,2=https */ + type: 'torbrowser.settings.proxy.type', + /* string: proxy server address */ + address: 'torbrowser.settings.proxy.address', + /* int: [1,65535], proxy port */ + port: 'torbrowser.settings.proxy.port', + /* string: username */ + username: 'torbrowser.settings.proxy.username', + /* string: password */ + password: 'torbrowser.settings.proxy.password', + }, + firewall : { + /* bool: does tor have a port allow list */ + enabled: 'torbrowser.settings.firewall.enabled', + /* string: comma-delimitted list of port numbers */ + allowed_ports: 'torbrowser.settings.firewall.allowed_ports', + }, +}); + +/* Legacy tor-launcher prefs and pref branches*/ +const TorLauncherPrefs = Object.freeze({ + quickstart: "extensions.torlauncher.quickstart", + default_bridge_type: "extensions.torlauncher.default_bridge_type", + default_bridge: "extensions.torlauncher.default_bridge.", + default_bridge_recommended_type: "extensions.torlauncher.default_bridge_recommended_type", + bridgedb_bridge: "extensions.torlauncher.bridgedb_bridge.", +}); + +/* Config Keys used to configure tor daemon */ +const TorConfigKeys = Object.freeze({ + useBridges: "UseBridges", + bridgeList: "Bridge", + socks4Proxy: "Socks4Proxy", + socks5Proxy: "Socks5Proxy", + socks5ProxyUsername: "Socks5ProxyUsername", + socks5ProxyPassword: "Socks5ProxyPassword", + httpsProxy: "HTTPSProxy", + httpsProxyAuthenticator: "HTTPSProxyAuthenticator", + reachableAddresses: "ReachableAddresses", + clientTransportPlugin: "ClientTransportPlugin", +}); + +const TorBridgeSource = Object.freeze({ + Invalid: -1, + BuiltIn: 0, + BridgeDB: 1, + UserProvided: 2, +}); + +const TorProxyType = Object.freeze({ + Invalid: -1, + Socks4: 0, + Socks5: 1, + HTTPS: 2, +}); + + +const TorBuiltinBridgeTypes = Object.freeze( + (() => { + let bridgeListBranch = Services.prefs.getBranch(TorLauncherPrefs.default_bridge); + let bridgePrefs = bridgeListBranch.getChildList(""); + + // an unordered set for shoving bridge types into + let bridgeTypes = new Set(); + // look for keys ending in ".N" and treat string before that as the bridge type + const pattern = /\.[0-9]+$/; + for (const key of bridgePrefs) { + const offset = key.search(pattern); + if (offset != -1) { + const bt = key.substring(0, offset); + bridgeTypes.add(bt); + } + } + + // recommended bridge type goes first in the list + let recommendedBridgeType = Services.prefs.getCharPref(TorLauncherPrefs.default_bridge_recommended_type, null); + + let retval = []; + if (recommendedBridgeType && bridgeTypes.has(recommendedBridgeType)) { + retval.push(recommendedBridgeType); + } + + for (const bridgeType of bridgeTypes.values()) { + if (bridgeType != recommendedBridgeType) { + retval.push(bridgeType); + } + } + return retval; + })() +); + +/* Parsing Methods */ + +// expects a string representation of an integer from 1 to 65535 +let parsePort = function(aPort) { + // ensure port string is a valid positive integer + const validIntRegex = /^[0-9]+$/; + if (!validIntRegex.test(aPort)) { + return 0; + } + + // ensure port value is on valid range + let port = Number.parseInt(aPort); + if (port < 1 || port > 65535) { + return 0; + } + + return port; +}; +// expects a string in the format: "ADDRESS:PORT" +let parseAddrPort = function(aAddrColonPort) { + let tokens = aAddrColonPort.split(":"); + if (tokens.length != 2) { + return ["", 0]; + } + let address = tokens[0]; + let port = parsePort(tokens[1]); + return [address, port]; +}; + +// expects a string in the format: "USERNAME:PASSWORD" +// split on the first colon and any subsequent go into password +let parseUsernamePassword = function(aUsernameColonPassword) { + let colonIndex = aUsernameColonPassword.indexOf(":"); + if (colonIndex < 0) { + return ["", ""]; + } + + let username = aUsernameColonPassword.substring(0, colonIndex); + let password = aUsernameColonPassword.substring(colonIndex + 1); + + return [username, password]; +}; + +// expects a string in the format: ADDRESS:PORT,ADDRESS:PORT,... +// returns array of ports (as ints) +let parseAddrPortList = function(aAddrPortList) { + let addrPorts = aAddrPortList.split(","); + // parse ADDRESS:PORT string and only keep the port (second element in returned array) + let retval = addrPorts.map(addrPort => parseAddrPort(addrPort)[1]); + return retval; +}; + +// expects a '/n' or '/r/n' delimited bridge string, which we split and trim +// each bridge string can also optionally have 'bridge' at the beginning ie: +// bridge $(type) $(address):$(port) $(certificate) +// we strip out the 'bridge' prefix here +let parseBridgeStrings = function(aBridgeStrings) { + + // replace carriage returns ('\r') with new lines ('\n') + aBridgeStrings = aBridgeStrings.replace(/\r/g, "\n"); + // then replace contiguous new lines ('\n') with a single one + aBridgeStrings = aBridgeStrings.replace(/[\n]+/g, "\n"); + + // split on the newline and for each bridge string: trim, remove starting 'bridge' string + // finally discard entries that are empty strings; empty strings could occur if we receive + // a new line containing only whitespace + let splitStrings = aBridgeStrings.split("\n"); + return splitStrings.map(val => val.trim().replace(/^bridge\s+/i, "")) + .filter(bridgeString => bridgeString != ""); +}; + +// expecting a ',' delimited list of ints with possible white space between +// returns an array of ints +let parsePortList = function(aPortListString) { + let splitStrings = aPortListString.split(","); + // parse and remove duplicates + let portSet = new Set(splitStrings.map(val => parsePort(val.trim()))); + // parsePort returns 0 for failed parses, so remove 0 from list + portSet.delete(0); + return Array.from(portSet); +}; + +let getBuiltinBridgeStrings = function(builtinType) { + let bridgeBranch = Services.prefs.getBranch(TorLauncherPrefs.default_bridge); + let bridgeBranchPrefs = bridgeBranch.getChildList(""); + let retval = []; + + // regex matches against strings ending in ".N" where N is a positive integer + let pattern = /\.[0-9]+$/; + for (const key of bridgeBranchPrefs) { + // verify the location of the match is the correct offset required for aBridgeType + // to fit, and that the string begins with aBridgeType + if (key.search(pattern) == builtinType.length && + key.startsWith(builtinType)) { + let bridgeStr = bridgeBranch.getCharPref(key); + retval.push(bridgeStr); + } + } + + // shuffle so that Tor Browser users don't all try the built-in bridges in the same order + arrayShuffle(retval); + + return retval; +}; + +/* Array methods */ + +let arrayShuffle = function(array) { + // fisher-yates shuffle + for (let i = array.length - 1; i > 0; --i) { + // number n such that 0.0 <= n < 1.0 + const n = Math.random(); + // integer j such that 0 <= j <= i + const j = Math.floor(n * (i + 1)); + + // swap values at indices i and j + const tmp = array[i]; + array[i] = array[j]; + array[j] = tmp; + } +} + +let arrayCopy = function(array) { + return [].concat(array); +} + +/* TorSettings module */ + +const TorSettings = (() => { + let self = { + _settings: null, + + // tor daemon related settings + defaultSettings: function() { + let settings = { + quickstart: { + enabled: false + }, + bridges : { + enabled: false, + source: TorBridgeSource.Invalid, + builtin_type: null, + bridge_strings: [], + }, + proxy: { + enabled: false, + type: TorProxyType.Invalid, + address: null, + port: 0, + username: null, + password: null, + }, + firewall: { + enabled: false, + allowed_ports: [], + }, + }; + return settings; + }, + + /* try and load our settings, and register observers */ + init: function() { + if (TorProtocolService.ownsTorDaemon) { + // if the settings branch exists, load settings from prefs + if (Services.prefs.getBoolPref(TorSettingsPrefs.enabled, false)) { + this.loadFromPrefs(); + Services.obs.notifyObservers(null, TorSettingsTopics.Ready); + } + Services.obs.addObserver(this, BrowserTopics.ProfileAfterChange); + Services.obs.addObserver(this, TorTopics.ProcessIsReady); + } + }, + + /* wait for relevant life-cycle events to load and/or apply saved settings */ + observe: async function(subject, topic, data) { + console.log(`TorSettings: observed ${topic}`); + + // once the process is ready, we need to apply our settings + let handleProcessReady = async () => { + Services.obs.removeObserver(this, TorTopics.ProcessIsReady); + if (this._settings == null) { + // load settings from tor if our load in init() failed and save them to prefs + await this.loadLegacy(); + this.saveToPrefs(); + } else { + // push down settings to tor + await this.applySettings(); + } + Services.obs.notifyObservers(null, TorSettingsTopics.Ready); + }; + + switch (topic) { + case BrowserTopics.ProfileAfterChange: { + if (TorProtocolService.torProcessStatus == TorProcessStatus.Running) { + await handleProcessReady(); + } + } + break; + case TorTopics.ProcessIsReady: { + await handleProcessReady(); + } + break; + } + }, + + // load our settings from old locations (misc prefs and from tor daemon) + // TODO: remove this after some time has elapsed to ensure users have migrated to pref settings + loadLegacy: async function() { + console.log("TorSettings: loadLegacy()"); + + let settings = this.defaultSettings(); + + /* Quickstart */ + settings.quickstart.enabled = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false); + + /* Bridges + + So the way tor-launcher determines the origin of the configured bridges is a bit + weird and depends on inferring our scenario based on some firefox prefs and the + relationship between the saved list of bridges in about:config vs the list saved in torrc + + first off, if "extensions.torlauncher.default_bridge_type" is set to one of our + builtin default types (obfs4, meek-azure, snowflake, etc) then we provide the + bridges in "extensions.torlauncher.default_bridge.*" (filtered by our default_bridge_type) + + next, we compare the list of bridges saved in torrc to the bridges stored in the + "extensions.torlauncher.bridgedb_bridge."" branch. If they match *exactly* then we assume + the bridges were retrieved from BridgeDB and use those. If the torrc list is empty then we know + we have no bridge settings + + finally, if none of the previous conditions are not met, it is assumed the bridges stored in + torrc are user-provided + */ + + let builtinType = Services.prefs.getCharPref(TorLauncherPrefs.default_bridge_type, null); + + // check if source is built-in + if (builtinType) { + let builtinBridgeStrings = getBuiltinBridgeStrings(builtinType); + if (builtinBridgeStrings.length > 0) { + settings.bridges.enabled = true; + settings.bridges.source = TorBridgeSource.BuiltIn; + settings.bridges.builtin_type = builtinType; + settings.bridges.bridge_strings = builtinBridgeStrings; + } + } else { + // get our currently configured bridges from tor + let torrcBridgeStrings = await (async () => { + let bridgeList = await TorProtocolService.readStringArraySetting(TorConfigKeys.bridgeList); + let retval = []; + for (const line of bridgeList) { + let trimmedLine = line.trim(); + if (trimmedLine) { + retval.push(trimmedLine); + } + } + return retval; + })(); + + // torrc has bridges configured + if (torrcBridgeStrings.length > 0) { + // compare tor's bridges to our saved bridgedb bridges + let bridgedbBBridgeStrings = (() => { + let bridgeBranch = Services.prefs.getBranch(TorLauncherPrefs.bridgedb_bridge); + let bridgeBranchPrefs = bridgeBranch.getChildList(""); + // the child prefs do not come in any particular order so sort the keys + // so the values can be compared to what we get out off torrc + bridgeBranchPrefs.sort(); + + // just assume all of the prefs under the parent point to valid bridge string + let retval = bridgeBranchPrefs.map(key => + bridgeBranch.getCharPref(key).trim() + ); + return retval; + })(); + + let arraysEqual = (left, right) => { + if (left.length != right.length) { + return false; + } + const length = left.length; + for (let i = 0; i < length; ++i) { + if (left[i] != right[i]) { + return false; + } + } + return true; + }; + + if (arraysEqual(torrcBridgeStrings, bridgedbBBridgeStrings)) { + settings.bridges.enabled = true; + settings.bridges.source = TorBridgeSource.BridgeDB; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = torrcBridgeStrings; + } else { + settings.bridges.enabled = true; + settings.bridges.source = TorBridgeSource.UserProvided; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = torrcBridgeStrings; + } + } else { + // tor has no bridge strings saved, so bridges not in use + settings.bridges.enabled = false; + settings.bridges.source = TorBridgeSource.Invalid; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = []; + } + } + + /* Proxy */ + + let proxyString = null; + if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.socks4Proxy)) { + let [address, port] = parseAddrPort(proxyString); + + settings.proxy.enabled = true; + settings.proxy.type = TorProxyType.Socks4; + settings.proxy.address = address; + settings.proxy.port = port; + settings.proxy.username = null; + settings.proxy.password = null; + } else if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.socks5Proxy)) { + let [address, port] = parseAddrPort(proxyString); + let username = await TorProtocolService.readStringSetting(TorConfigKeys.socks5ProxyUsername); + let password = await TorProtocolService.readStringSetting(TorConfigKeys.socks5ProxyPassword); + + settings.proxy.enabled = true; + settings.proxy.type = TorProxyType.Socks5; + settings.proxy.address = address; + settings.proxy.port = port; + settings.proxy.username = username; + settings.proxy.password = password; + } else if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.httpsProxy)) { + let [address, port] = parseAddrPort(proxyString); + let authenticator = await TorProtocolService.readStringSetting(TorConfigKeys.httpsProxyAuthenticator); + let [username, password] = parseUsernamePassword(authenticator); + + settings.proxy.enabled = true; + settings.proxy.type = TorProxyType.HTTPS; + settings.proxy.address = address; + settings.proxy.port = port; + settings.proxy.username = username; + settings.proxy.password = password; + } else { + settings.proxy.enabled = false; + settings.proxy.type = TorProxyType.Invalid; + settings.proxy.address = null; + settings.proxy.port = 0; + settings.proxy.username = null; + settings.proxy.password = null; + } + + /* Firewall */ + let firewallString = await TorProtocolService.readStringSetting(TorConfigKeys.reachableAddresses); + if (firewallString) { + let allowedPorts = parseAddrPortList(firewallString); + settings.firewall.enabled = allowedPorts.length > 0; + settings.firewall.allowed_ports = allowedPorts; + } else { + settings.firewall.enabled = false; + settings.firewall.allowed_ports = []; + } + + this._settings = settings; + + return this; + }, + + // load our settings from prefs + loadFromPrefs: function() { + console.log("TorSettings: loadFromPrefs()"); + + let settings = this.defaultSettings(); + + /* Quickstart */ + settings.quickstart.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.quickstart.enabled); + /* Bridges */ + settings.bridges.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.bridges.enabled); + if (settings.bridges.enabled) { + settings.bridges.source = Services.prefs.getIntPref(TorSettingsPrefs.bridges.source); + // builtin bridge (obfs4, meek, snowlfake, etc) + if (settings.bridges.source == TorBridgeSource.BuiltIn) { + let builtinType = Services.prefs.getStringPref(TorSettingsPrefs.bridges.builtin_type); + settings.bridges.builtin_type = builtinType; + // always dynamically load builtin bridges rather than loading the cached versions + // if the user upgrades and the builtin bridges have changed, we want to ensure the user + // can still bootstrap using the provided bridges + let bridgeStrings = getBuiltinBridgeStrings(builtinType); + if (bridgeStrings.length > 0) { + settings.bridges.bridge_strings = bridgeStrings; + } else { + // in this case the user is using a builtin bridge that is no longer supported, + // reset to settings to default values + settings.bridges.enabled = false; + settings.bridges.source = TorBridgeSource.Invalid; + settings.bridges.builtin_type = null; + } + } else { + settings.bridges.bridge_strings = []; + let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList(""); + bridgeBranchPrefs.forEach(pref => { + let bridgeString = Services.prefs.getStringPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`); + settings.bridges.bridge_strings.push(bridgeString); + }); + } + } else { + settings.bridges.source = TorBridgeSource.Invalid; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = []; + } + /* Proxy */ + settings.proxy.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.proxy.enabled); + if (settings.proxy.enabled) { + settings.proxy.type = Services.prefs.getIntPref(TorSettingsPrefs.proxy.type); + settings.proxy.address = Services.prefs.getStringPref(TorSettingsPrefs.proxy.address); + settings.proxy.port = Services.prefs.getIntPref(TorSettingsPrefs.proxy.port); + settings.proxy.username = Services.prefs.getStringPref(TorSettingsPrefs.proxy.username); + settings.proxy.password = Services.prefs.getStringPref(TorSettingsPrefs.proxy.password); + } else { + settings.proxy.type = TorProxyType.Invalid; + settings.proxy.address = null; + settings.proxy.port = 0; + settings.proxy.username = null; + settings.proxy.password = null; + } + + /* Firewall */ + settings.firewall.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.firewall.enabled); + if(settings.firewall.enabled) { + let portList = Services.prefs.getStringPref(TorSettingsPrefs.firewall.allowed_ports); + settings.firewall.allowed_ports = parsePortList(portList); + } else { + settings.firewall.allowed_ports = 0; + } + + this._settings = settings; + + return this; + }, + + // save our settings to prefs + saveToPrefs: function() { + console.log("TorSettings: saveToPrefs()"); + + let settings = this._settings; + + /* Quickstart */ + Services.prefs.setBoolPref(TorSettingsPrefs.quickstart.enabled, settings.quickstart.enabled); + /* Bridges */ + Services.prefs.setBoolPref(TorSettingsPrefs.bridges.enabled, settings.bridges.enabled); + if (settings.bridges.enabled) { + Services.prefs.setIntPref(TorSettingsPrefs.bridges.source, settings.bridges.source); + if (settings.bridges.source === TorBridgeSource.BuiltIn) { + Services.prefs.setStringPref(TorSettingsPrefs.bridges.builtin_type, settings.bridges.builtin_type); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.bridges.builtin_type); + } + // erase existing bridge strings + let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList(""); + bridgeBranchPrefs.forEach(pref => { + Services.prefs.clearUserPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`); + }); + // write new ones + settings.bridges.bridge_strings.forEach((string, index) => { + Services.prefs.setStringPref(`${TorSettingsPrefs.bridges.bridge_strings}.${index}`, string); + }); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.bridges.source); + Services.prefs.clearUserPref(TorSettingsPrefs.bridges.builtin_type); + let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList(""); + bridgeBranchPrefs.forEach(pref => { + Services.prefs.clearUserPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`); + }); + } + /* Proxy */ + Services.prefs.setBoolPref(TorSettingsPrefs.proxy.enabled, settings.proxy.enabled); + if (settings.proxy.enabled) { + Services.prefs.setIntPref(TorSettingsPrefs.proxy.type, settings.proxy.type); + Services.prefs.setStringPref(TorSettingsPrefs.proxy.address, settings.proxy.address); + Services.prefs.setIntPref(TorSettingsPrefs.proxy.port, settings.proxy.port); + Services.prefs.setStringPref(TorSettingsPrefs.proxy.username, settings.proxy.username); + Services.prefs.setStringPref(TorSettingsPrefs.proxy.password, settings.proxy.password); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.type); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.address); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.port); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.username); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.password); + } + /* Firewall */ + Services.prefs.setBoolPref(TorSettingsPrefs.firewall.enabled, settings.firewall.enabled); + if (settings.firewall.enabled) { + Services.prefs.setStringPref(TorSettingsPrefs.firewall.allowed_ports, settings.firewall.allowed_ports.join(",")); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.firewall.allowed_ports); + } + + // all tor settings now stored in prefs :) + Services.prefs.setBoolPref(TorSettingsPrefs.enabled, true); + + return this; + }, + + // push our settings down to the tor daemon + applySettings: async function() { + console.log("TorSettings: applySettings()"); + let settings = this._settings; + let settingsMap = new Map(); + + /* Bridges */ + settingsMap.set(TorConfigKeys.useBridges, settings.bridges.enabled); + if (settings.bridges.enabled) { + settingsMap.set(TorConfigKeys.bridgeList, settings.bridges.bridge_strings); + } else { + // shuffle bridge list + settingsMap.set(TorConfigKeys.bridgeList, null); + } + + /* Proxy */ + settingsMap.set(TorConfigKeys.socks4Proxy, null); + settingsMap.set(TorConfigKeys.socks5Proxy, null); + settingsMap.set(TorConfigKeys.socks5ProxyUsername, null); + settingsMap.set(TorConfigKeys.socks5ProxyPassword, null); + settingsMap.set(TorConfigKeys.httpsProxy, null); + settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, null); + if (settings.proxy.enabled) { + let address = settings.proxy.address; + let port = settings.proxy.port; + let username = settings.proxy.username; + let password = settings.proxy.password; + + switch (settings.proxy.type) { + case TorProxyType.Socks4: + settingsMap.set(TorConfigKeys.socks4Proxy, `${address}:${port}`); + break; + case TorProxyType.Socks5: + settingsMap.set(TorConfigKeys.socks5Proxy, `${address}:${port}`); + settingsMap.set(TorConfigKeys.socks5ProxyUsername, username); + settingsMap.set(TorConfigKeys.socks5ProxyPassword, password); + break; + case TorProxyType.HTTPS: + settingsMap.set(TorConfigKeys.httpsProxy, `${address}:${port}`); + settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, `${username}:${password}`); + break; + } + } + + /* Firewall */ + if (settings.firewall.enabled) { + let reachableAddresses = settings.firewall.allowed_ports.map(port => `*:${port}`).join(","); + settingsMap.set(TorConfigKeys.reachableAddresses, reachableAddresses); + } else { + settingsMap.set(TorConfigKeys.reachableAddresses, null); + } + + /* Push to Tor */ + await TorProtocolService.writeSettings(settingsMap); + + return this; + }, + + /* Getters and Setters */ + + + // Quickstart + get quickstart() { + return { + // Avoid a race-condition on first-start where this property + // may be accessed before `self._settings` is initialized. + // This work-around can be removed when #40598 is resolved. + get enabled() { return (self._settings ? self._settings.quickstart.enabled : false); }, + set enabled(val) { + if (val != self._settings.quickstart.enabled) + { + self._settings.quickstart.enabled = val; + Services.obs.notifyObservers({value: val}, TorSettingsTopics.SettingChanged, TorSettingsData.QuickStartEnabled); + } + }, + }; + }, + + // Bridges + get bridges() { + return { + get enabled() { return self._settings.bridges.enabled; }, + set enabled(val) { + self._settings.bridges.enabled = val; + // reset bridge settings + self._settings.bridges.source = TorBridgeSource.Invalid; + self._settings.bridges.builtin_type = null; + self._settings.bridges.bridge_strings = []; + }, + get source() { return self._settings.bridges.source; }, + set source(val) { self._settings.bridges.source = val; }, + get builtin_type() { return self._settings.bridges.builtin_type; }, + set builtin_type(val) { + let bridgeStrings = getBuiltinBridgeStrings(val); + if (bridgeStrings.length > 0) { + self._settings.bridges.builtin_type = val; + self._settings.bridges.bridge_strings = bridgeStrings; + } + }, + get bridge_strings() { return arrayCopy(self._settings.bridges.bridge_strings); }, + set bridge_strings(val) { + self._settings.bridges.bridge_strings = parseBridgeStrings(val); + }, + }; + }, + + // Proxy + get proxy() { + return { + get enabled() { return self._settings.proxy.enabled; }, + set enabled(val) { + self._settings.proxy.enabled = val; + // reset proxy settings + self._settings.proxy.type = TorProxyType.Invalid; + self._settings.proxy.address = null; + self._settings.proxy.port = 0; + self._settings.proxy.username = null; + self._settings.proxy.password = null; + }, + get type() { return self._settings.proxy.type; }, + set type(val) { self._settings.proxy.type = val; }, + get address() { return self._settings.proxy.address; }, + set address(val) { self._settings.proxy.address = val; }, + get port() { return arrayCopy(self._settings.proxy.port); }, + set port(val) { self._settings.proxy.port = parsePort(val); }, + get username() { return self._settings.proxy.username; }, + set username(val) { self._settings.proxy.username = val; }, + get password() { return self._settings.proxy.password; }, + set password(val) { self._settings.proxy.password = val; }, + get uri() { + switch (this.type) { + case TorProxyType.Socks4: + return `socks4a://${this.address}:${this.port}`; + case TorProxyType.Socks5: + if (this.username) { + return `socks5://${this.username}:${this.password}@${this.address}:${this.port}`; + } + return `socks5://${this.address}:${this.port}`; + case TorProxyType.HTTPS: + if (this._proxyUsername) { + return `http://${this.username}:${this.password}@${this.address}:${this.port}`; + } + return `http://${this.address}:${this.port}`; + } + return null; + }, + }; + }, + + // Firewall + get firewall() { + return { + get enabled() { return self._settings.firewall.enabled; }, + set enabled(val) { + self._settings.firewall.enabled = val; + // reset firewall settings + self._settings.firewall.allowed_ports = []; + }, + get allowed_ports() { return self._settings.firewall.allowed_ports; }, + set allowed_ports(val) { self._settings.firewall.allowed_ports = parsePortList(val); }, + }; + }, + }; + self.init(); + return self; +})(); diff --git a/browser/modules/moz.build b/browser/modules/moz.build index 1ea57aba1a93..8c001d4ac6ed 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -156,6 +156,7 @@ EXTRA_JS_MODULES += [ 'TorConnect.jsm', 'TorProcessService.jsm', "TorProtocolService.jsm", + "TorSettings.jsm", "TorStrings.jsm", "TransientPrefs.jsm", "webrtcUI.jsm", diff --git a/toolkit/components/processsingleton/MainProcessSingleton.jsm b/toolkit/components/processsingleton/MainProcessSingleton.jsm index 62afa98e1ffc..ba8cd0f3f97d 100644 --- a/toolkit/components/processsingleton/MainProcessSingleton.jsm +++ b/toolkit/components/processsingleton/MainProcessSingleton.jsm @@ -24,6 +24,11 @@ MainProcessSingleton.prototype = { null ); + ChromeUtils.import( + "resource:///modules/TorSettings.jsm", + null + ); + ChromeUtils.import( "resource:///modules/TorConnect.jsm", null diff --git a/toolkit/modules/AsyncPrefs.jsm b/toolkit/modules/AsyncPrefs.jsm index f7d867e47dc0..2834c484c919 100644 --- a/toolkit/modules/AsyncPrefs.jsm +++ b/toolkit/modules/AsyncPrefs.jsm @@ -20,7 +20,6 @@ const kAllowedPrefs = new Set([ "browser.contentblocking.report.hide_vpn_banner", "browser.contentblocking.report.show_mobile_app", - "extensions.torlauncher.quickstart", "narrate.rate", "narrate.voice",

1 0