Richard Pospesel pushed to branch tor-browser-102.7.0esr-12.0-1 at The Tor Project / Applications / Tor Browser

Commits:

1 changed file:

Changes:

  • toolkit/torbutton/components/domain-isolator.js
    ... ... @@ -58,7 +58,11 @@ let tor = {};
    58 58
     
    
    59 59
     // __tor.noncesForDomains__.
    
    60 60
     // A mutable map that records what nonce we are using for each domain.
    
    61
    -tor.noncesForDomains = {};
    
    61
    +tor.noncesForDomains = new Map();
    
    62
    +
    
    63
    +// __tor.noncesForUserContextId__.
    
    64
    +// A mutable map that records what nonce we are using for each tab container.
    
    65
    +tor.noncesForUserContextId = new Map();
    
    62 66
     
    
    63 67
     // __tor.isolationEabled__.
    
    64 68
     // A bool that controls if we use SOCKS auth for isolation or not.
    
    ... ... @@ -68,23 +72,37 @@ tor.isolationEnabled = true;
    68 72
     // Specifies when the current catch-all circuit was first used
    
    69 73
     tor.unknownDirtySince = Date.now();
    
    70 74
     
    
    71
    -// __tor.socksProxyCredentials(originalProxy, domain)__.
    
    72
    -// Takes a proxyInfo object (originalProxy) and returns a new proxyInfo
    
    73
    -// object with the same properties, except the username is set to the
    
    74
    -// the domain, and the password is a nonce.
    
    75
    -tor.socksProxyCredentials = function(originalProxy, domain) {
    
    75
    +tor.passwordForDomainAndUserContextId = function(domain, userContextId) {
    
    76 76
       // Check if we already have a nonce. If not, create
    
    77
    -  // one for this domain.
    
    78
    -  if (!tor.noncesForDomains.hasOwnProperty(domain)) {
    
    79
    -    tor.noncesForDomains[domain] = tor.nonce();
    
    77
    +  // one for this domain and userContextId.
    
    78
    +  if (!tor.noncesForDomains.has(domain)) {
    
    79
    +    tor.noncesForDomains.set(domain, tor.nonce());
    
    80
    +  }
    
    81
    +  if (!tor.noncesForUserContextId.has(userContextId)) {
    
    82
    +    tor.noncesForUserContextId.set(userContextId, tor.nonce());
    
    80 83
       }
    
    84
    +  return (
    
    85
    +    tor.noncesForDomains.get(domain) +
    
    86
    +    tor.noncesForUserContextId.get(userContextId)
    
    87
    +  );
    
    88
    +};
    
    89
    +
    
    90
    +// __tor.socksProxyCredentials(originalProxy, domain, userContextId)__.
    
    91
    +// Takes a proxyInfo object (originalProxy) and returns a new proxyInfo
    
    92
    +// object with the same properties, except the username is set to the
    
    93
    +// the domain and userContextId, and the password is a nonce.
    
    94
    +tor.socksProxyCredentials = function(originalProxy, domain, userContextId) {
    
    81 95
       let proxy = originalProxy.QueryInterface(Ci.nsIProxyInfo);
    
    96
    +  let proxyPassword = tor.passwordForDomainAndUserContextId(
    
    97
    +    domain,
    
    98
    +    userContextId
    
    99
    +  );
    
    82 100
       return mozilla.protocolProxyService.newProxyInfoWithAuth(
    
    83 101
         "socks",
    
    84 102
         proxy.host,
    
    85 103
         proxy.port,
    
    86
    -    domain, // username
    
    87
    -    tor.noncesForDomains[domain], // password
    
    104
    +    `${domain}:${userContextId}`, // username
    
    105
    +    proxyPassword,
    
    88 106
         "", // aProxyAuthorizationHeader
    
    89 107
         "", // aConnectionIsolationKey
    
    90 108
         proxy.flags,
    
    ... ... @@ -116,10 +134,21 @@ tor.newCircuitForDomain = function(domain) {
    116 134
       if (domain === "") {
    
    117 135
         domain = "--unknown--";
    
    118 136
       }
    
    119
    -  tor.noncesForDomains[domain] = tor.nonce();
    
    137
    +  tor.noncesForDomains.set(domain, tor.nonce());
    
    138
    +  logger.eclog(
    
    139
    +    3,
    
    140
    +    `New domain isolation for ${domain}: ${tor.noncesForDomains.get(domain)}`
    
    141
    +  );
    
    142
    +};
    
    143
    +
    
    144
    +tor.newCircuitForUserContextId = function(userContextId) {
    
    145
    +  // Re-generate the nonce for the context.
    
    146
    +  tor.noncesForUserContextId.set(userContextId, tor.nonce());
    
    120 147
       logger.eclog(
    
    121 148
         3,
    
    122
    -    "New domain isolation for " + domain + ": " + tor.noncesForDomains[domain]
    
    149
    +    `New container isolation for ${userContextId}: ${tor.noncesForUserContextId.get(
    
    150
    +      userContextId
    
    151
    +    )}`
    
    123 152
       );
    
    124 153
     };
    
    125 154
     
    
    ... ... @@ -127,8 +156,9 @@ tor.newCircuitForDomain = function(domain) {
    127 156
     // Clear the isolation state cache, forcing new circuits to be used for all
    
    128 157
     // subsequent requests.
    
    129 158
     tor.clearIsolation = function() {
    
    130
    -  // Per-domain nonces are stored in a map, so simply re-initialize the map.
    
    131
    -  tor.noncesForDomains = {};
    
    159
    +  // Per-domain and per contextId nonces are stored in maps, so simply clear them.
    
    160
    +  tor.noncesForDomains.clear();
    
    161
    +  tor.noncesForUserContextId.clear();
    
    132 162
     
    
    133 163
       // Force a rotation on the next catch-all circuit use by setting the creation
    
    134 164
       // time to the epoch.
    
    ... ... @@ -137,9 +167,9 @@ tor.clearIsolation = function() {
    137 167
     
    
    138 168
     // __tor.isolateCircuitsByDomain()__.
    
    139 169
     // For every HTTPChannel, replaces the default SOCKS proxy with one that authenticates
    
    140
    -// to the SOCKS server (the tor client process) with a username (the first party domain)
    
    141
    -// and a nonce password. Tor provides a separate circuit for each username+password
    
    142
    -// combination.
    
    170
    +// to the SOCKS server (the tor client process) with a username (the first party domain
    
    171
    +// and userContextId) and a nonce password. Tor provides a separate circuit for each
    
    172
    +// username+password combination.
    
    143 173
     tor.isolateCircuitsByDomain = function() {
    
    144 174
       mozilla.registerProxyChannelFilter(function(aChannel, aProxy) {
    
    145 175
         if (!tor.isolationEnabled) {
    
    ... ... @@ -147,7 +177,8 @@ tor.isolateCircuitsByDomain = function() {
    147 177
         }
    
    148 178
         try {
    
    149 179
           let channel = aChannel.QueryInterface(Ci.nsIChannel),
    
    150
    -        firstPartyDomain = channel.loadInfo.originAttributes.firstPartyDomain;
    
    180
    +        firstPartyDomain = channel.loadInfo.originAttributes.firstPartyDomain,
    
    181
    +        userContextId = channel.loadInfo.originAttributes.userContextId;
    
    151 182
           if (firstPartyDomain === "") {
    
    152 183
             firstPartyDomain = "--unknown--";
    
    153 184
             if (Date.now() - tor.unknownDirtySince > 1000 * 10 * 60) {
    
    ... ... @@ -161,7 +192,8 @@ tor.isolateCircuitsByDomain = function() {
    161 192
           }
    
    162 193
           let replacementProxy = tor.socksProxyCredentials(
    
    163 194
             aProxy,
    
    164
    -        firstPartyDomain
    
    195
    +        firstPartyDomain,
    
    196
    +        userContextId
    
    165 197
           );
    
    166 198
           logger.eclog(
    
    167 199
             3,
    
    ... ... @@ -206,6 +238,9 @@ DomainIsolator.prototype = {
    206 238
       newCircuitForDomain(domain) {
    
    207 239
         tor.newCircuitForDomain(domain);
    
    208 240
       },
    
    241
    +  newCircuitForUserContextId(userContextId) {
    
    242
    +    tor.newCircuitForUserContextId(userContextId);
    
    243
    +  },
    
    209 244
     
    
    210 245
       enableIsolation() {
    
    211 246
         tor.isolationEnabled = true;