Feature #7686

Verify that Tor Browser does not connect to check.t.o if HTTPS Everywhere is disabled

Added by intrigeri 2014-07-29 10:59:54 . Updated 2014-08-09 15:21:00 .

Status:
Resolved
Priority:
Low
Assignee:
Category:
Target version:
Start date:
2014-07-29
Due date:
% Done:

100%

Feature Branch:
Type of work:
Test
Blueprint:

Starter:
1
Affected tool:
Browser
Deliverable for:

Description

On https://trac.torproject.org/projects/tor/ticket/9693, we’re told that Bug #6261 is actually not caused by Torbutton, but most likely by HTTPS Everywhere. We should verify this:

  1. start sniffing the outgoing connections (e.g. via the Vidalia network map, which is not perfect, but easy and cheap)
  2. start Tor Browser in Tails
  3. verify that you can see an outgoing connection to check.torproject.org
  4. disable the HTTPS Everywhere add-on
  5. close Tor Browser
  6. start Tor Browser
  7. verify that you can not see any outgoing connection to check.torproject.org
  8. report back on this ticket

Subtasks

Related issues

Blocks Tails - Bug #6262: Wait for Torbutton to allow not connecting to check.t.o on startup Rejected 2013-09-07

History

#1 Updated by intrigeri 2014-07-29 11:00:27

  • blocks Bug #6262: Wait for Torbutton to allow not connecting to check.t.o on startup added

#2 Updated by BitingBird 2014-07-29 16:15:20

  • Starter changed from No to Yes

The procedure is well documented, so this ticket is easy :)

#3 Updated by kytv 2014-08-07 18:44:54

It’s definitely HTTPSEverywhere, seen in Tails 1.1. With HTTPS Everywhere enabled, check.t.o is accessed. With it disabled, there’s no connection made to check.torproject.org.

#4 Updated by kytv 2014-08-07 18:57:45

I don’t know JS—at all—but this is in the SSLObservatory code:

  65 function SSLObservatory() {
  66   this.prefs = CC["@mozilla.org/preferences-service;1"]
  67         .getService(CI.nsIPrefBranch);
  68 
  69   try {
  70     // Check for torbutton
  71     this.tor_logger = CC["@torproject.org/torbutton-logger;1"]
  72           .getService(CI.nsISupports).wrappedJSObject;
  73     this.torbutton_installed = true;
  74   } catch(e) {
  75     this.torbutton_installed = false;
  76   }
  77 
  78   this.HTTPSEverywhere = CC["@eff.org/https-everywhere;1"]
  79                             .getService(Components.interfaces.nsISupports)
  80                             .wrappedJSObject;
  81 
  82   /* The proxy test result starts out null until the test is attempted.
  83    * This is for UI notification purposes */
  84   this.proxy_test_successful = null;
  85   this.proxy_test_callback = null;
  86   this.cto_url = "https://check.torproject.org/?TorButton=true";
  87   // a regexp to match the above URL
  88   this.cto_regexp = RegExp("^https://check\\.torproject\\.org/");
  89 
  90   this.public_roots = root_ca_hashes;

So (if I’m reading this correctly) if TorButton is installed it tries check.t.o, otherwise it doesn’t…which leads to Torbutton being blamed?

#5 Updated by BitingBird 2014-08-08 17:02:37

  • Status changed from Confirmed to In Progress

#6 Updated by intrigeri 2014-08-09 15:21:00

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100

Thanks!