Project

General

Profile

Bug #16048

Deal with the fact that Tor Browser won't ship language packs anymore

Added by intrigeri 7 months ago. Updated about 2 months ago.

Status:
Confirmed
Priority:
Elevated
Assignee:
-
Category:
-
Target version:
-
Start date:
10/12/2018
Due date:
% Done:

0%

QA Check:
Feature Branch:
Type of work:
Communicate
Blueprint:
Starter:
Affected tool:
Browser

Description

https://trac.torproject.org/projects/tor/ticket/27466

The major reason for this change are:

When building a Tails image, we extract langpacks from the full set of localized Tor Browser tarballs (config/chroot_local-hooks/10-tbb). So once there's no langpack in there, we don't know how to ship translations for Tor Browser anymore.

This work upstream is targetted at Tor Browser 9.0 == Firefox 68esr = Oct 2019. As Georg wrote, it "will be 9.0 material if at all".


Related issues

Related to Tails - Feature #12571: Find a nicer way to add exceptions from mandatory signing for our Tor Browser add-ons Confirmed 05/19/2017
Blocks Tails - Feature #16209: Core work: Foundations Team Confirmed 03/22/2019

History

#1 Updated by intrigeri 7 months ago

#2 Updated by anonym 4 months ago

  • Parent task changed from #16047 to #16337

#3 Updated by intrigeri 3 months ago

  • Priority changed from Normal to Elevated
  • Type of work changed from Code to Communicate

Next step: check what's the current plan and whether we need to, and can, help make it work for us.

#4 Updated by intrigeri 3 months ago

  • Assignee set to intrigeri

I'll handle the part about communicating with the TB team.

#5 Updated by intrigeri 3 months ago

  • Related to Feature #12571: Find a nicer way to add exceptions from mandatory signing for our Tor Browser add-ons added

#6 Updated by intrigeri 3 months ago

  • Description updated (diff)

#7 Updated by intrigeri 3 months ago

  • Description updated (diff)

#8 Updated by intrigeri 3 months ago

  • Description updated (diff)

#9 Updated by intrigeri 3 months ago

My understanding is that the Tor Browser build system, as of tbb-8.0.5-build2, downloads signed langpacks from Mozilla, then for each of them, replaces the default bookmarks and search plugins with custom ones, and repacks it.

And on our side, we extract the langpacks (.xpi) from Tor Browser tarballs and copy them as-is into /usr/local/share/tor-browser-extensions.

So, we could download the langpacks from Mozilla, customize the bookmarks and search plugins ourselves (by copying those from the en-US Tor Browser tarball), and disable signature verification for these XPIs. This approach has a number of problems:

  • Given https://ftp.mozilla.org/pub/firefox/candidates/ does not support plaintext HTTP, we need to mirror the langpacks under a plaintext HTTP URL (similarly to our Tor Browser archive), so that apt-cacher-ng can cache it, and then we need to add a verification mechanism. That's errorprone to code and repetitive busywork every time we upgrade Tor Browser. OTOH we can stop mirroring all the Tor Browser tarballs: we only need the en-US one.
  • It requires either #12571 being fixed nicely, or us carrying more custom code to disable extension signature verification.

#10 Updated by intrigeri 3 months ago

Also, for our chrooted browsers (currently: Unsafe Browser), we modify each langpack again in delete_chroot_browser_searchplugins(). That's one more thing that won't survive extension signing unless #12571 is fixed nicely, or we carry more custom code to disable extension signature verification.

#11 Updated by intrigeri 3 months ago

On https://trac.torproject.org/projects/tor/ticket/27466#comment:18 I've argued in favour of postponing this change. Who knows, maybe the Tor Browser folks will prefer to give us a workaround we can use so they can release this change in their 8.5 :)

I'll keep handling the communication with upstream for now but I'd rather not be responsible for the implementation.

#12 Updated by intrigeri 3 months ago

This is for 3.14 (see email from geko on tails-dev) but I think we should work on this ASAP and not wait for post-3.13.

#13 Updated by intrigeri 3 months ago

  • Target version changed from Tails_3.13 to Tails_3.14
  • Parent task deleted (#16337)

Won't happen in TB 8.5, now targets 9.0 ⇒ /me relaxes. Still, I'll keep this on my radar to ensure I handle the communication with upstream part the best I can (it's not exactly anonym's cup of tea last time I checked, but if you want to sneak out of your comfort zone a bit, this could be a good one :)

#14 Updated by intrigeri 3 months ago

  • Description updated (diff)

#15 Updated by intrigeri 3 months ago

  • Description updated (diff)

#16 Updated by intrigeri 2 months ago

#17 Updated by intrigeri 2 months ago

#18 Updated by intrigeri about 2 months ago

  • Assignee deleted (intrigeri)
  • Target version deleted (Tails_3.14)

Also available in: Atom PDF