[tor-bugs] #29347 [Obfuscation/meek]: Rewrite meek-http-helper as a WebExtension
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Feb 23 02:37:54 UTC 2019
#29347: Rewrite meek-http-helper as a WebExtension
------------------------------+------------------------------
Reporter: dcf | Owner: dcf
Type: enhancement | Status: needs_review
Priority: Medium | Milestone:
Component: Obfuscation/meek | Version:
Severity: Normal | Resolution:
Keywords: webextension | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+------------------------------
Changes (by dcf):
* status: assigned => needs_review
Comment:
I worked on integrating the WebExtension into Tor Browser. It's working
now and ready to be looked at.
* [https://gitweb.torproject.org/pluggable-
transports/meek.git/log/?h=webextension&id=de03366fbe1f23cbb21d41aec8f4913f189ecb8b
meek]
* [https://gitweb.torproject.org/user/dcf/tor-browser-build.git/commit/?h
=meek-webextension&id=45192a1adcb29e6200f2b9e46d97bbdbbfb0a509 tor-
browser-build]
I tested it on linux-x86_64 and windows-x86_64, but I'm not set up to test
on osx.
Recall that the native messaging API requires us to install a JSON "host
manifest" for the native executable--this both authorizes the extension to
run a native executable, and tells the browser the (absolute) path to the
native executable. The absolute path inside the manifest means we cannot
just use a static file; we need to know where the browser is installed. So
now, meek-client-torbrowser [https://gitweb.torproject.org/pluggable-
transports/meek.git/commit/?h=webextension&id=5b539a2c5f2a8474cee3dc2c2312ad365bdb1cca
writes a host manifest] (taking into account platform-specific paths)
before starting the browser.
Two things I'd specifically like feedback on:
* I'm not able to test the osx version, which is slightly tricky because
the data directory can be in different places depending on
`TOR_BROWSER_TOR_DATA_DIR` (#18904). [https://gitweb.torproject.org
/pluggable-transports/meek.git/diff/meek-client-
torbrowser/mac.go?h=webextension&id=5b539a2c5f2a8474cee3dc2c2312ad365bdb1cca
This is what I'm doing], but I'm not sure if it works:
if `TOR_BROWSER_TOR_DATA_DIR` is set:
install in `$TOR_BROWSER_TOR_DATA_DIR/../Browser`
else:
install in `$PWD/../../../../TorBrowser-Data/Browser`
The documentation [https://developer.mozilla.org/en-US/docs/Mozilla
/Add-ons/WebExtensions/Native_manifests#Mac_OS_X says] that the host
manifest should be installed in `$HOME/Library/Application
Support/Mozilla/NativeMessagingHosts/`, but the code actually does a
[https://dxr.mozilla.org/mozilla-
central/rev/c2593a3058afdfeaac5c990e18794ee8257afe99/toolkit/components/extensions/NativeManifests.jsm#44
Services.dirsvc.get] for [https://dxr.mozilla.org/mozilla-
central/source/toolkit/xre/nsXREDirProvider.cpp#420
XRE_USER_NATIVE_MANIFESTS], which calls `GetUserDataDirectoryHome` and
then into some Tor Browser–overriden code that replaces the home
directory.
* As noted in comment:9, on windows we cannot simply write the host
manifest to a well-known path. You have to set a well-known registry key
whose value is the path to the manifest. So [https://gitweb.torproject.org
/pluggable-transports/meek.git/diff/meek-client-
torbrowser/windows.go?h=webextension&id=5b539a2c5f2a8474cee3dc2c2312ad365bdb1cca
what the code does now] is write a registry key at
`HKEY_CURRENT_USER\SOFTWARE\Mozilla\NativeMessagingHosts\meek.http.helper`.
That works, but I don't like the fact that it leaves a permanent trace
outside the installation directory. I'd like to know if there are any
ideas for removing this step.
The tor-browser-build changes are minimal: just packaging the webextension
directory instead of the firefox directory, building the native
executable, and adding a dependency on golang.org/x/sys/windows/registry
to write the registry key on windows.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29347#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list