[tor-bugs] #25405 [Applications/Tor Launcher]: cannot use Moat if a meek bridge is configured
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 2 15:48:42 UTC 2018
#25405: cannot use Moat if a meek bridge is configured
-------------------------------------------+-------------------
Reporter: mcs | Owner: brade
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Launcher | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: Sponsor4 |
-------------------------------------------+-------------------
If Tor Browser is configured to use a meek transport (e.g., meek-amazon or
meek-azure), the Moat interface cannot be used to request bridges from
BridgeDB. The root cause is that Tor Launcher's Moat implementation uses
the same meek client programs and configuration as the built-in meek
bridges use, which means when Moat starts up it starts an "invisible"
firefox that tries to use the profile.meek-http-helper profile (which is
already in use).
Ideas for fixing this (from ticket:23136#comment:55):
a) Use a separate browser profile for the meek browser when it is used for
Moat (this requires a fix for #12716 and possibly other things inside
meek-client-torbrowser).
b) Give up on using the secondary browser and use meek-client to
obfs4proxy's meek_lite mode for Moat. This has the downside that the TLS
fingerprint will not match Firefox's when doing Moat).
c) Modify Tor Launcher to kill the tor daemon before using Moat. But this
might have undesirable side effects because some other part of the browser
may be using the Tor network (e.g., for a file download). Also, while Tor
Launcher knows how to restart tor if it is killed, it might be difficult
to make sure we kill and restart tor in a robust fashion when we are in
the middle of configuring settings.
Kathy and I are currently in favor of pursuing a) but could be convinced
to do something else.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25405>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list