[tor-bugs] #27609 [Applications/Tor Browser]: TBA: Evaluate Tor Onion Proxy Library

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Dec 14 19:57:22 UTC 2018 

#27609: TBA: Evaluate Tor Onion Proxy Library
-------------------------------------------------+-------------------------
 Reporter:  sysrqb                               |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:  new
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-mobile, TorBrowserTeam201812,    |  Actual Points:
  TBA-a3                                         |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor8
-------------------------------------------------+-------------------------

Comment (by sysrqb):

 Replying to [comment:15 sisbell]:
 > Evaluation:
 >
 >  1. Tor Installation: Tor Onion Proxy library is using tor-android-
 binary - Who is going to install the tor binary? Orbot or Tor Onion Proxy
 Libray. If orbot installs, we will need to configure the onion proxy to
 use those locations for tor files/libraries.

 We'd use this instead of Orbot. This library would completely replace our
 Orbot implementation.

 >  1. Settings Screen: there is no settings screen: configure ports,
 delete/add onion addresses [these features need to be defined]

 Right. We'll need to create our own UI for Orbot and TOPL, so I don't
 consider this a blocker.

 >  1. Starting Proxy: This is a simple operation to start but we need to
 display the startup logs to the user. We also need to define UI to handle
 things like restart or shutdown.
 >  1. Stability: Its workable for an alpha, but we should cleanup up the
 threading and socket connections
 >

 This is what I'm primarily worried about. Is the code quality where we
 need it. Is it tested? Is the code safe (for some value of safe)? With
 Orbot, we weren't exposing our users to new code (because Orbot was
 previously a dependency). If we use TOPL then we should be confident this
 won't be worse.

 > In summary: this is not a simply a drop-in. It will need a UI defined
 and built but core functionality is all there. Suggest cleanup of
 threading before a production release.

 Can you estimate how much time this will require? Would we need to re-
 write much of the code and redesign it?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27609#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list