[Whonix-devel] #14271 [Applications/Tor Browser]: Make Torbutton work with Unix Domain Socket option

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Sep 2 10:30:01 CEST 2016


#14271: Make Torbutton work with Unix Domain Socket option
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  brade
     Type:  enhancement                          |         Status:
                                                 |  assigned
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-torbutton, tbb-security,         |  Actual Points:
  TorBrowserTeam201609                           |
Parent ID:  #14270                               |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  SponsorU
-------------------------------------------------+-------------------------
Changes (by gk):

 * status:  needs_information => assigned


Comment:

 Replying to [comment:13 mcs]:
 > Replying to [comment:12 gk]:
 > > 3) Checking whether we should call `torbutton_local_tor_check()`
 should check for
 > > `m_tb_control_socket_file` as well (not only for `m_tb_control_port`)
 I guess?
 >
 > We did add that check, although if you look at the patch with git's
 default of three lines of context it is not so obvious.

 Hm. No, it is even obvious then. Must have been a different kind of code-
 blindness, my bad.

 >
 > > 4) I am not so sure about
 > > {{{
 > > +            } catch(e) {
 > > +              m_tb_control_port = 9151;
 > > +            }
 > > }}}
 > > What was your rationale for adding that now (given you omitted it
 earlier)? For one, the logs might be misleading showing a probably wrong
 port (I mean the setup is seriously troubling if we need to assign `9151`
 in the catch clause at all) in an error with respect to the control
 connection. On the other hand, we might want to show that something is
 wrong with the help of `torbutton_do_tor_check()` which would update the
 toolbar button in this case (if we get that far at all with a broken setup
 like the one in question).
 >
 > Kathy and I added the 9151 default to be consistent with how
 m_tb_control_host is handled (it was already defaulting to 127.0.0.1).
 Thinking about this some more and looking at the existing Torbutton code,
 it seems like there is some effort to disable features (e.g., New
 Identity, the local Tor check) when the port is missing. So maybe we
 should put things back how there were and make sure we consistently check
 for port, password, etc. before trying to do things in Torbutton that
 require authenticated control port access?
 >
 > The circuit display code also includes code that defaults the port to
 9151, so if we decide to continue with the concept that a lack of port can
 be used to disable code, we should remove the `|| 9151` from this line in
 tor-circuit-display.js:
 > `myController = controller(socketFile, host, port || 9151, password,`
 > We can also add a check to skip the call to createTorCircuitDisplay() if
 port, password, etc. are missing (the existing code will log an error if
 initialization fails).
 >
 > What do you think?

 I think we should not set `m_tb_control_port` to `9151` now in the catch
 clause and open a new ticket for implementing a saner solution across all
 Torbutton code. We can discuss there what we want that solution to be.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14271#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the Whonix-devel mailing list