[tbb-commits] [Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.0-1] 3 commits: fixup! Firefox preference overrides.

Pier Angelo Vendrame (@pierov) git at gitlab.torproject.org
Mon May 8 08:17:02 UTC 2023 


Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.0-1 at The Tor Project / Applications / Tor Browser


Commits:
8b73ad9e by Pier Angelo Vendrame at 2023-05-08T10:15:38+02:00
fixup! Firefox preference overrides.

Bug 41683: Disable the network process on Windows

- - - - -
c26520af by Pier Angelo Vendrame at 2023-05-08T10:16:07+02:00
fixup! Bug 10760: Integrate TorButton to TorBrowser core

Bug 40501: High CPU load after tor exits unexpectedly

When a peers (tor) disconnects, Firefox seems to keep the stream open,
and return 0 on available, rather than throwing.
So, as a matter of fact, we had a while trying to read 0 bytes without
any pause in _readLine, hence the 100% CPU usage.

- - - - -
23ddf6d2 by hackademix at 2023-05-08T10:16:21+02:00
Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key

- - - - -


3 changed files:

- browser/app/profile/001-base-profile.js
- security/manager/ssl/StaticHPKPins.h
- toolkit/torbutton/modules/tor-control-port.js


Changes:

=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -404,6 +404,14 @@ pref("captivedetect.canonicalURL", "");
 // See tor-browser#18801.
 pref("dom.push.serverURL", "");
 
+#ifdef XP_WIN
+// tor-browser#41683: Disable the network process on Windows
+// Mozilla already disables the network process for HTTP.
+// With this preference, we completely disable it, because we found that it
+// breaks stuff with mingw. See also tor-browser#41489.
+pref("network.process.enabled", false);
+#endif
+
 // Extension support
 pref("extensions.autoDisableScopes", 0);
 pref("extensions.databaseSchema", 3);


=====================================
security/manager/ssl/StaticHPKPins.h
=====================================
@@ -451,6 +451,14 @@ static const StaticFingerprints kPinset_tor = {
   kPinset_tor_Data
 };
 
+static const char* const kPinset_tor_browser_Data[] = {
+  kISRG_Root_X1Fingerprint,
+};
+static const StaticFingerprints kPinset_tor_browser = {
+  sizeof(kPinset_tor_browser_Data) / sizeof(const char*),
+  kPinset_tor_browser_Data
+};
+
 static const char* const kPinset_twitterCom_Data[] = {
   kGOOGLE_PIN_VeriSignClass2_G2Fingerprint,
   kGOOGLE_PIN_VeriSignClass3_G2Fingerprint,
@@ -619,6 +627,7 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
   { "blogger.com", true, false, false, -1, &kPinset_google_root_pems },
   { "blogspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "br.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
+  { "bridges.torproject.org", false, false, false, -1, &kPinset_tor_browser },
   { "bugs.chromium.org", true, false, false, -1, &kPinset_google_root_pems },
   { "build.chromium.org", true, false, false, -1, &kPinset_google_root_pems },
   { "business.facebook.com", true, false, false, -1, &kPinset_facebook },


=====================================
toolkit/torbutton/modules/tor-control-port.js
=====================================
@@ -135,6 +135,18 @@ class AsyncSocket {
       this.inputQueue.push({
         onInputStreamReady: stream => {
           try {
+            if (!this.scriptableInputStream.available()) {
+              // This means EOF, but not closed yet. However, arriving at EOF
+              // should be an error condition for us, since we are in a socket,
+              // and EOF should mean peer disconnected.
+              // If the stream has been closed, this function itself should
+              // throw.
+              reject(
+                new Error("onInputStreamReady called without available bytes.")
+              );
+              return;
+            }
+
             // read our string from input stream
             let str = this.scriptableInputStream.read(
               this.scriptableInputStream.available()



View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/77a7ec15cba6eedbc6070e340ea9cd484cad55ef...23ddf6d2989fd1c7ed9f601712edec3508b047b0

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/77a7ec15cba6eedbc6070e340ea9cd484cad55ef...23ddf6d2989fd1c7ed9f601712edec3508b047b0
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tbb-commits/attachments/20230508/d506fd7c/attachment-0001.htm>

More information about the tbb-commits mailing list