Skip to content
  • Kathleen Brade's avatar
    Bug 30237: Add v3 onion services client authentication prompt · 42f64123
    Kathleen Brade authored and Georg Koppen's avatar Georg Koppen committed
    When Tor informs the browser that client authentication is needed,
    temporarily load about:blank instead of about:neterror and prompt
    for the user's key.
    
    If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
    control port command to add the key (via Torbutton's control port
    module) and reload the page.
    
    If the user cancels the prompt, display the standard about:neterror
    "Unable to connect" page. This requires a small change to
    browser/actors/NetErrorChild.jsm to account for the fact that the
    docShell no longer has the failedChannel information. The failedChannel
    is used to extract TLS-related error info, which is not applicable
    in the case of a canceled .onion authentication prompt.
    
    Add a leaveOpen option to PopupNotifications.show so we can display
    error messages within the popup notification doorhanger without
    closing the prompt.
    
    Add support for onion services strings to the TorStrings module.
    
    Add support for Tor extended SOCKS errors (Tor proposal 304) to the
    socket transport and SOCKS layers. Improved display of all of these
    errors will be implemented as part of bug 30025.
    
    Also fixes bug 19757:
     Add a "Remember this key" checkbox to the client auth prompt.
    
     Add an "Onion Services Authentication" section within the
     about:preferences "Privacy & Security section" to allow
     viewing and removal of v3 onion client auth keys that have
     been stored on disk.
    
    Also fixes bug 19251: use enhanced error pages for onion service errors.
    42f64123