[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21625 [Applications/Tor Browser]: Review networking code for Firefox 52

Subject: Re: [tor-bugs] #21625 [Applications/Tor Browser]: Review networking code for Firefox 52
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 04 Apr 2017 20:17:33 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 04 Apr 2017 16:17:42 -0400
In-reply-to: <042.2f1a7243b0dab1d02fd4d62277ca6954@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <042.2f1a7243b0dab1d02fd4d62277ca6954@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21625: Review networking code for Firefox 52
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:
                                                 |  mikeperry
     Type:  task                                 |         Status:
                                                 |  assigned
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Critical                             |     Resolution:
 Keywords:  TorBrowserTeam201703, ff52-esr,      |  Actual Points:
  tbb-7.0-must                                   |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by gk):

 Replying to [comment:3 mikeperry]:
 > Stuff we should patch/disable:
 >  * FlyWeb (dom/flyweb/FlyWebService.cpp) - This is a mechanism for
 contacting local devices and interacting with them. It may not be fully
 implemented, but networking code is definitely here. Disable it.

 We have #21746 for that.

 >  * dom/presentation/* and nsNetworkInfoService::ListNetworkAddresses -
 the Presentation API (for remote displays - https://developer.mozilla.org
 /en-US/docs/Web/API/Presentation_API). This needs to be disabled even if
 proxied, because it does ICE-style IP address discovery and advertisement.

 #18862

 >  * ./dom/presentation/provider/MulticastDNSDeviceProvider.cpp - used by
 the Presentation API to announce itself (and maybe other stuff?). Make
 sure it gets disabled.
 >  * The Rust URL parser (third_party/rust/url/src/host.rs) has a
 to_socket_addrs and ToSocketAddrs methods. These should be patched out for
 safety and to remind us later, I think.
 >  * netwerk/dns/mdns/libmdns/fallback/MulticastDNS.jsm - more mDNS stuff
 that should be disabled.

 We have #21861 for the mdns stuff and #21862 for the Rust part.

 > Android stuff that definitely leaks that we should fix (missing proxy
 params to HttpUrlConnection - these need to use the buildHttpConnection
 helper to get a proxy):
 >  * mobile/android/base/java/org/mozilla/gecko/feeds/FeedFetcher.java
 >  *
 mobile/android/base/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
 >  *
 mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
 >  * mobile/android/thirdparty/com/keepsafe/switchboard/SwitchBoard.java

 That's #21683.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21625#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR
Next by Author: Re: [tor-bugs] #22041 [Applications/Tor Browser]: libmozsandbox.so error on Debian jessie amd64 after upgrading to 7.0a3
Previous by thread: Re: [tor-bugs] #21625 [Applications/Tor Browser]: Review networking code for Firefox 52
Next by thread: Re: [tor-bugs] #21415 [Core Tor/Tor]: tor_bug_occurred_: Bug: src/or/entrynodes.c:1845: select_entry_guard_for_circuit: Non-fatal assertion !(!guard_has_descriptor(guard)) failed.
Index(es):
- Author
- Thread