[tor-bugs] #6359 [Applications/TorBirdy]: make use of stream isolation

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Dec 13 22:21:42 UTC 2016 

#6359: make use of stream isolation
-----------------------------------+-------------------------
 Reporter:  proper                 |          Owner:  ioerror
     Type:  defect                 |         Status:  new
 Priority:  Medium                 |      Milestone:
Component:  Applications/TorBirdy  |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:                         |  Actual Points:
Parent ID:                         |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+-------------------------
Changes (by JeremyRand):

 * cc: jeremy@… (added)


Comment:

 Replying to [comment:9 lunar]:
 > Tor Browser now uses SOCKS username/password to use different circuits
 for each domain. Does Thunderbird now support using SOCKS username
 password as well? Would it be complicated to get a different circuit for
 each account now that it's a reality?
 >
 > One corner case to be aware of is POP before SMTP. I don't know if these
 kind of setups are still in use, but they were popular at some point. It
 would probably be best if the same circuit can be used in such a case, as
 I believe some implementation would ensure that the same IP is in use for
 both POP and subsequent SMTP. This is still a minor use case and should
 not block getting proper isolation between accounts.
 >
 > Thanks!

 Yes, Thunderbird supports SOCKS authentication now.  The Tor Browser patch
 against Firefox to support SOCKS authentication was upstreamed to Mozilla
 in this bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1200802 ; it was
 merged by Mozilla on 2015 Nov 26.

 As far as I can tell, Icedove in Debian Jessie includes this support, see
 https://sources.debian.net/src/icedove/1:45.2.0-1~deb8u1/mozilla/netwerk/base/nsIProxyInfo.idl/#L53
 .

 So as far as I can tell, it should be straightforward to use this in
 TorBirdy -- use the standard Mozilla hooks for setting proxy settings per
 connection (I assume these API's are identical between Firefox and
 Thunderbird), and set the "username" and "password" fields of the
 nsProxyInfo instance that you generate to whatever you want them to be.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6359#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list