tor-launcher issueshttps://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues2022-06-17T20:41:17Zhttps://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/25823Tor Launcher inconsistently sets TZ=UTC for tor process2022-06-17T20:41:17ZTaylor YuTor Launcher inconsistently sets TZ=UTC for tor processSome investigations done as part of legacy/trac#25511 suggest that the first time Tor Launcher runs tor, it either unsets or fails to change `TZ`. If tor crashes or needs to be restarted for some reason, then it sets `TZ=UTC`. My summa...Some investigations done as part of legacy/trac#25511 suggest that the first time Tor Launcher runs tor, it either unsets or fails to change `TZ`. If tor crashes or needs to be restarted for some reason, then it sets `TZ=UTC`. My summary of one instance of this behavior is at ticket:25511#comment:32.
Tor Launcher should probably leave the time zone alone when starting tor, so tor can detect what local time for the machine is. We should also consider the privacy impact of revealing a user's timezone through logging (see legacy/trac#18112 for one instance of this concern).
In any case Tor Launcher should probably be consistent about which timezone it starts tor in.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/26172torrc-defaults is not optional2022-05-18T22:43:19Zcypherpunkstorrc-defaults is not optional```
var torrcDefaultsFile =
TorLauncherUtil.getTorFile("torrc-defaults", false);
```
```
var geoipFile = torrcDefaultsFile.clone();
geoipFile.leafName = "geoip";
var geoip6File = torrcDefaults...```
var torrcDefaultsFile =
TorLauncherUtil.getTorFile("torrc-defaults", false);
```
```
var geoipFile = torrcDefaultsFile.clone();
geoipFile.leafName = "geoip";
var geoip6File = torrcDefaultsFile.clone();
geoip6File.leafName = "geoip6";
var args = [];
if (torrcDefaultsFile)
{
args.push("--defaults-torrc");
args.push(torrcDefaultsFile.path);
}
```
Missed "optional" torrc-defaults file leads to exception and failed Tor start with unclear reason for user.Sponsor 131 - Phase 5 - Ongoing Maintenancehttps://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/9675Provide feedback mechanism for clock-skew and other bad problems2022-03-30T15:51:10ZLunarProvide feedback mechanism for clock-skew and other bad problemsTBB 3.0 currently has a button to copy Tor logs to the clipboard. It's good enough to enable support by knowledgeable people, but it is also good to enable at least a minimal level of self-support.
One misconfiguration that can prevent ...TBB 3.0 currently has a button to copy Tor logs to the clipboard. It's good enough to enable support by knowledgeable people, but it is also good to enable at least a minimal level of self-support.
One misconfiguration that can prevent Tor from working is clock-skew. Vidalia made a bright red message out of it. Having some feedback mechanism in TBB 3.0 for similar critical issues would be good.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/30473update Tor Browser proposal 102 to account for Tails team feedback2022-03-17T05:47:34ZMark Smithupdate Tor Browser proposal 102 to account for Tails team feedbackWe need to update proposal 102 "Integration of Tor Launcher into Tor Browser Core" to account for feedback we received from the Tails team (intrigeri). See the discussion here:
https://lists.torproject.org/pipermail/tbb-dev/2019-February...We need to update proposal 102 "Integration of Tor Launcher into Tor Browser Core" to account for feedback we received from the Tails team (intrigeri). See the discussion here:
https://lists.torproject.org/pipermail/tbb-dev/2019-February/000962.html
https://lists.torproject.org/pipermail/tbb-dev/2019-February/000963.html
https://lists.torproject.org/pipermail/tbb-dev/2019-February/000964.htmlhttps://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/12053captive portal: Infinite loop when 'identity mismatch' error is raised.2022-03-16T22:14:56ZMatt Pagancaptive portal: Infinite loop when 'identity mismatch' error is raised.To reproduce this error, launch Tor Browser from behind a captive portal for which you haven't yet agreed to the terms. A window pops up reporting a tor error with the phrase "identity mismatch". Clicking through it will lead to a new wi...To reproduce this error, launch Tor Browser from behind a captive portal for which you haven't yet agreed to the terms. A window pops up reporting a tor error with the phrase "identity mismatch". Clicking through it will lead to a new window for "Tor failed to launch". Clicking through that will bring you back to the error window for "identity mismatch". This unending parade of error windows will continue even if one disconnects from the network. It is impossible to close Tor Browser at this point without sending a SIGKILL.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/12501"Tor unexpectedly exited" if there is a wrong line in torrc2022-03-16T22:14:02ZSherief"Tor unexpectedly exited" if there is a wrong line in torrcI decided to add a new fte bridge and by chance I had torrc open in my text editor then entered "bridg fte ip:port fingerprint". (I shouldn't have done that.)
Then I started Tor Launcher and it kept spitting out "Tor Unexpectedly exited...I decided to add a new fte bridge and by chance I had torrc open in my text editor then entered "bridg fte ip:port fingerprint". (I shouldn't have done that.)
Then I started Tor Launcher and it kept spitting out "Tor Unexpectedly exited". So I did a ./start-tor-browser
```
Jun 30 22:49:58.033 [warn] Failed to parse/validate config: Unknown option 'Bridg'. Failing.
Jun 30 22:49:58.033 [err] Reading config failed--see warnings above.
```
Wouldn't it be better if Tor Launcher reported back the above messages? I would've never knew my error if I were using Windows.
Also, here's a part of my conversation with arma:
```
<arma4> what is the bad bridge line? i assume tor does give an explanation.
<sherief> I would've never knew what's wrong without ./start-tor-browser
<sherief> "bridg" missing an "e"
<sherief> :)
<sherief> bridg transportType IP:Port fingerprint
<arma4> expands to bridgeauthoritativedir
<arma4> can you file a ticket, that bridg should expand to bridge?
<arma4> V(BridgeAuthoritativeDir, BOOL, "0"),
<arma4> VAR("Bridge", LINELIST, Bridges, NULL),
<arma4> i think we just reverse the order of these two lines and it's done
<arma4> doesn't resolve your general issue, but resolves this specific one
```https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/13456Tor Launcher should start centered on all OSes2022-03-16T22:11:11ZSheriefTor Launcher should start centered on all OSesTor Launcher starts on Windows and Mac top left but on Linux it starts centered. For the sake of consistency it should choose one.Tor Launcher starts on Windows and Mac top left but on Linux it starts centered. For the sake of consistency it should choose one.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/18327Aborting the Tor Launcher setup wizard and restarting should show the languag...2022-03-16T22:10:27ZGeorg KoppenAborting the Tor Launcher setup wizard and restarting should show the language selection dialog againAborting the setup wizard does not lead to the language selection dialog showing up again on re-start. I think we should treat it as an integral part of the setup wizard, though, showing it again as well. For instance, it might be the ca...Aborting the setup wizard does not lead to the language selection dialog showing up again on re-start. I think we should treat it as an integral part of the setup wizard, though, showing it again as well. For instance, it might be the case that users realize they selected the wrong language and try to undo that by clicking on `Quit` on the next pane (as there is no `Back` button available). But restarting Tor Browser won't help them currently.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/18330Tor Launcher only accepts HEXDIGIT passwords for controller2022-03-16T22:09:30ZGeorg KoppenTor Launcher only accepts HEXDIGIT passwords for controllerWe currently give the advice to double quote the password for the Tor controller in the start-tor-browser script which seems to be a good thing given the trouble with quoting correctly. But this does not work (I wonder if it actually eve...We currently give the advice to double quote the password for the Tor controller in the start-tor-browser script which seems to be a good thing given the trouble with quoting correctly. But this does not work (I wonder if it actually ever worked). The problem is that Tor Launcher is expecting a `HEXDIGIT` password. Using `deadbeef` is fine but
```
password[i] = parseInt(aHexPassword.substr(i * 2, 2), 16);
```
does not like things like `test` or `'"test"'` and is e.g. reporting for the former `NaN, NaN` which breaks the hashed control password option (the argument `aHexPassword` is spoiling the bug hunt a bit but I was not affected by it :) ). That in turn breaks the authentication and Tor Browser won't start.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/18543Change dialog message when there is no protocol to copy2022-03-16T22:06:25ZJens KubiezielChange dialog message when there is no protocol to copyI'm running Tor Browser 6.0a3-hardened on Debian GNU/Linux. When I wanted to Tor Browser, it showed me a message that Tor unexpectedly was closed. I wanted to copy the relevant log messages and clicked on the "copy the Tor protocol messa...I'm running Tor Browser 6.0a3-hardened on Debian GNU/Linux. When I wanted to Tor Browser, it showed me a message that Tor unexpectedly was closed. I wanted to copy the relevant log messages and clicked on the "copy the Tor protocol message" button (I use the german version which says "Tor-Protokoll in die Zwischenablage kopieren"). After I hit the button a message appeared which read like "Copy ready. 0 Messages were copied" (German: "Kopie vollständig. 0 Tor-Protokollnachrichten sind bereit …").
To me this message doesn't make fully sense. It says that there were 0 messages copied. IMHO it would be better to print something like "Currently there are no log messages to copy." or a similar message to make it clear that there are no log messages.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/20315Tor launcher doesn't respect ReachableAddresses2022-03-16T22:00:38ZcypherpunksTor launcher doesn't respect ReachableAddressesOn a fresh copy of tor browser, any included ReachableAddresses rules are removed when the torrc file is overwritten by the tor launcher.On a fresh copy of tor browser, any included ReachableAddresses rules are removed when the torrc file is overwritten by the tor launcher.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/20321Quit Tor Browser Menu Option Does Not Work from Launcher on Mac OS2022-03-16T21:59:49ZcypherpunksQuit Tor Browser Menu Option Does Not Work from Launcher on Mac OSTorBrowser 6.0.5 on OS X 10.11.6.
When the "Tor Network Settings" dialog to Connect to the Tor Network is the only TorBrowser window open, the "Quit Tor Browser" option from the OS X Finder Tor Browser menu does not quit the application...TorBrowser 6.0.5 on OS X 10.11.6.
When the "Tor Network Settings" dialog to Connect to the Tor Network is the only TorBrowser window open, the "Quit Tor Browser" option from the OS X Finder Tor Browser menu does not quit the application.
To reproduce:
1. Disable network to force Tor Network Settings to open.
2. Open TorBrowser. The Tor Network Settings page should show with an error saying it is not connected to the Tor Network.
3. Now try closing the application from "Quit Tor Browser" in the Finder menu.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/21273Proxy settings unecessarily limit guard selection process2022-03-16T21:59:09ZpastlyProxy settings unecessarily limit guard selection processMy use case:
I build an SSH socks5 proxy to a network less restrictive than the one I'm on. I tell Tor Browser to use that socks5 proxy. I leave "This computer goes through a firewall that only allows connections to certain ports" unche...My use case:
I build an SSH socks5 proxy to a network less restrictive than the one I'm on. I tell Tor Browser to use that socks5 proxy. I leave "This computer goes through a firewall that only allows connections to certain ports" unchecked.
The following lines are added to the torrc.
```
Socks5Proxy 127.0.0.1:2343
ReachableAddresses *:80,*:443
ReachableAddresses reject *:*
ReachableAddresses reject *:*
```
The reachable address lines seem to be added due to https://trac.torproject.org/projects/tor/ticket/11405#comment:7
(The duplicate ReachableAddresses reject line is a known issue ... somewhere. There's a ticket.)
The issue:
I can reach any port on through this socks5 proxy. My guard selection is being artificially limited to guards that have an ORPort of 443.
I suspect that ReachableAddresses should only be set to 80 and 443 if the proxy type is HTTP(S). Or not at all unless "This computer goes through a firewall that only allows connections to certain ports" is checked. In my very limited experience with proxies, it seems sane to assume only 80/443 for HTTP(S) proxies, but it doesn't seem sane to assume 80/443 for a socks5 proxy.
The following python script shows that right now about 42% of guards have the ORPort of 443 (or 80, but most are 443).
```
from stem.control import Controller
guards_443 = []
guards_all = []
with Controller.from_port(port = 9151) as c:
c.authenticate()
for stat in c.get_network_statuses():
if 'Guard' in stat.flags:
guards_all.append(stat)
if stat.or_port == 80 or stat.or_port == 443:
guards_443.append(stat)
print "Num 443 ORPort guards:", len(guards_443)
print "Num guards: ", len(guards_all)
print "443/all:", len(guards_443)*1.0/len(guards_all)
```
More interesting would be
- what percent by weight am I limited to?
- what is the geographical distribution of these guards?https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/24098setup wizard loses firewall setting2022-03-16T21:33:59ZMark Smithsetup wizard loses firewall settingFrom ticket:23261#comment:33:
1) Start with connecting directly.
2) Open the Tor Launcher network settings in the browser window and check the firewall option
3) Click okay and restart the browser
4) Cancel normal start-up and configure...From ticket:23261#comment:33:
1) Start with connecting directly.
2) Open the Tor Launcher network settings in the browser window and check the firewall option
3) Click okay and restart the browser
4) Cancel normal start-up and configure bridges (obfs4)
5) Check the Tor Launcher network settings in the browser window and the firewall option is now unchecked (which should not be the case)https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/24452Firewall option is visible behind Tor Network Settings... but not during star...2022-03-16T21:33:41ZGeorg KoppenFirewall option is visible behind Tor Network Settings... but not during start-upnicoo got confused by firewall options not being visible during start-up but behind the Tor Network Settings... option. I think they are right we should avoid that mismatch.
Part of proposal 106 https://gitlab.torproject.org/tpo/applica...nicoo got confused by firewall options not being visible during start-up but behind the Tor Network Settings... option. I think they are right we should avoid that mismatch.
Part of proposal 106 https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/blob/master/proposals/106-quickstart.txthttps://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/25360Moat UI is hidden if there are no default bridges2022-03-16T21:33:02ZMark SmithMoat UI is hidden if there are no default bridgesThe Moat UI is hidden if there are no default bridges configured, which is the case in Tails. It should not be hidden. In fact, there is code in Tor Launcher that hides all of the radio buttons in this case (which was fine before we adde...The Moat UI is hidden if there are no default bridges configured, which is the case in Tails. It should not be hidden. In fact, there is code in Tor Launcher that hides all of the radio buttons in this case (which was fine before we added the Moat feature).
The original report of this problem is in ticket:23136#comment:48.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/25362setup dialog opens after tor restart when TOR_FORCE_NET_CONFIG=12022-03-16T21:32:26ZMark Smithsetup dialog opens after tor restart when TOR_FORCE_NET_CONFIG=1In the "new" Tor Launcher UI, the progress bar is integrated into the same window as the initial setup wizard. Unfortunately, I found a way to get the window to open in the wrong mode (setup instead of progress). Steps to reproduce:
1. S...In the "new" Tor Launcher UI, the progress bar is integrated into the same window as the initial setup wizard. Unfortunately, I found a way to get the window to open in the wrong mode (setup instead of progress). Steps to reproduce:
1. Set TOR_FORCE_NET_CONFIG=1 in your environment.
2. Start Tor Browser and connect.
3. Allow bootstrapping to finish.
4. Kill the `tor` (`tor.real` on macOS) process.
5. Click `Restart Tor` when prompted inside Tor Browser.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/25407Unable to retrieve tor settings - Please ensure Tor is running2022-03-16T21:31:31ZTracUnable to retrieve tor settings - Please ensure Tor is runningI use TorBrowser (7.5 FF 52.6.0 64-bit) with an independent Tor (0.3.2.9) process. Linux 4.13.9-1-ARCH
Configs:
in .bashrc :
export TOR_SKIP_LAUNCH=1
in start-tor-browser :
setControlPortPasswd ${TOR_CONTROL_PASSWD:='"xxxxxxxx"'}
and...I use TorBrowser (7.5 FF 52.6.0 64-bit) with an independent Tor (0.3.2.9) process. Linux 4.13.9-1-ARCH
Configs:
in .bashrc :
export TOR_SKIP_LAUNCH=1
in start-tor-browser :
setControlPortPasswd ${TOR_CONTROL_PASSWD:='"xxxxxxxx"'}
and every configuration suggested in start-tor-browser modified in about:config
This always worked fine for browsing, but with one inconvenience: I wasn't able to use the option "Tor Network Settings..." at the TorButton menu, it always gives the error "Unable to retrieve tor settings - Please ensure Tor is running".
Checking the logs, I've found that TorButton gets the right password for control connection, but TorLauncher receives the password with extra double quotes
TorButton connects with no problem, but TorLauncher doesn't.
Here's the log:
[03-02 18:41:18] TorLauncher DBUG: Opening control connection to 127.0.0.1:9151
[03-02 18:41:18] TorLauncher DBUG: Sending Tor command: AUTHENTICATE "\"xxxxxxxx\""
[03-02 18:41:18] TorLauncher DBUG: Command response: 515 Authentication failed: Password did not match HashedControlPassword value from configuration
[03-02 18:41:18] TorLauncher NOTE: authenticate failed
[03-02 18:41:18] TorLauncher DBUG: Opening control connection to 127.0.0.1:9151
[03-02 18:41:18] TorLauncher DBUG: Sending Tor command: AUTHENTICATE "\"xxxxxxxx\""
[03-02 18:41:18] TorLauncher DBUG: Command response: 515 Authentication failed: Password did not match HashedControlPassword value from configuration
[03-02 18:41:18] TorLauncher NOTE: authenticate failed
[03-02 18:41:18] TorLauncher DBUG: readTorSettings done; didSucceed: false
[03-02 18:41:18] TorLauncher DBUG: initDialog done
**Trac**:
**Username**: Torohttps://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/28699Tor Browser is not properly shutting down tor2022-03-16T21:06:48ZGeorg KoppenTor Browser is not properly shutting down torWe got a bug report on our blog from a user that can reproduce tor being not shut down during browser shutdown. That leads to a failed Tor Browser start until the old tor process got killed. See: https://blog.torproject.org/comment/27840...We got a bug report on our blog from a user that can reproduce tor being not shut down during browser shutdown. That leads to a failed Tor Browser start until the old tor process got killed. See: https://blog.torproject.org/comment/278400#comment-278400.https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/31830tor-launcher string.trim()'s string elements in config UX, even passwords2022-03-16T20:49:39Zrichardtor-launcher string.trim()'s string elements in config UX, even passwordsnetwork-settings.js::getElemValue() trims string types, even the password field for proxy configuration.network-settings.js::getElemValue() trims string types, even the password field for proxy configuration.