[tor-bugs] #30237 [Applications/Tor Browser]: Tor Browser: Improve TBB UI of hidden service client authorization

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 18 16:16:35 UTC 2019 

#30237: Tor Browser: Improve TBB UI of hidden service client authorization
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  mcs
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  TorBrowserTeam201911R, network-      |  Actual Points:
  team-roadmap-september                         |
Parent ID:  #30000                               |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor27-must
-------------------------------------------------+-------------------------
Changes (by mcs):

 * status:  needs_information => needs_review


Comment:

 Replying to [comment:37 gk]:
 > The torbutton changes look good to me. While reading over the browser
 changes and thinking about upcoming releases: what `tor` version do we
 need for this feature? In case there is no released version yet, what
 happens if the code changes in this bug land in a Tor Browser that does
 not have the corresponding features in `tor` it ships yet? What is the
 user experience then? Do things break?

 Good question. Things should not break. Because an older `tor` will not
 send any new SOCKS error codes, the browser will continue to exhibit the
 "old" behavior (unknown site) when the user tries to connect to a v3 onion
 that requires client authentication.

 And I keep forgetting that the `tor` patches have not been merged yet. The
 necessary patches are in review and #14389 is the tracking bug. I hope
 they land soon.

 Finally, your comment reminded me that Kathy and I forgot to post the Tor
 Launcher patch that is needed to enable the extended SOCKS errors feature.
 Here it is:
 https://gitweb.torproject.org/user/brade/tor-
 launcher.git/commit/?h=bug30237-03&id=7821bd58b69ed99c1a9bf86e102279c5bc0472c2

 We should not ship this Tor Launcher patch until we start to ship a `tor`
 that includes the #14389 fixes. It should be OK to merge the Torbutton and
 Tor Browser patches earlier, but maybe we should wait until the #14389
 patches are available on tor master.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30237#comment:39>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list