[tbb-dev] Tor Browser proxy settings
Mark Smith
mcs at pearlcrescent.com
Thu Nov 9 14:35:04 UTC 2017
On 11/8/17 12:58 PM, Tom Ritter wrote:
> Hey folks,
>
> nmago is continuing work on the crash reporter, and ran into some
> proxy problems. He's trying to get the proxy settings inside the crash
> reporter tool but the crash reporter tool can't read Firefox's proxy
> settings!
>
> Upstream this is talked about in
> https://bugzilla.mozilla.org/show_bug.cgi?id=1388897
> https://bugzilla.mozilla.org/show_bug.cgi?id=1333125
> and he asked here:
> https://groups.google.com/forum/#!topic/mozilla.dev.platform/opiD1Rz-e68
>
> I'm wondering if in Tor Browser we can run around Firefox' lack of
> support here and:
>
> A) If we hardcode the proxy settings (fixed port) than nmago can just
> hardcode it in the crash reporter
> OR
> B) If we choose a random port, if we can make that information
> available to the crash reporter somehow.
The code that sets the browser proxy preferences is here:
https://gitweb.torproject.org/torbutton.git/tree/src/components/startup-observer.js#n79
(within the setProxySettings() function).
It checks some environment variables, but usually it ends up asking Tor
Launcher for the settings (which are determined by TL before it starts
the tor daemon). The gory details of what Tor Launcher does can be found
in comments and code here:
https://gitweb.torproject.org/tor-launcher.git/tree/src/components/tl-protocol.js#n89
Note that in some cases a Unix domain socket is used instead of a TCP port.
> If we do (B), is the port chosen written out into a torrc file he
> could read? Or is it determined on startup and only held in memory?
> This gets tricky because we don't really want to write anything to
> disk and other IPC mechanisms (Environment Variables) are
> concerning... (but maybe acceptable from our threat model?)
I am not sure what the best solution is, but I assume the idea is to use
the already running tor deamon to submit crash reports. Will the tor
daemon still be running after the browser process crashes (Tor Launcher
uses the TAKEOWNERSHIP control port command to arrange for tor to
shutdown when the firefox process does). Also note that recent versions
of Tor Launcher pass the SocksPort info via the command args when
starting tor, so in most cases the SOCKSPort info won't be written to torrc.
--
Mark Smith
Pearl Crescent
http://pearlcrescent.com/
More information about the tbb-dev
mailing list