GitLab

The default configuration lives in /usr/share/tor/tor-service-defaults-torrc
nowadays.

- Our torrc is not outdated
- Previous links were both broken
- Our torrc is not for a "typical Tor user"
- Our torrc still works for much newer versions of Tor
- Our users are not supposed to edit this file

Currently translated at 17.7% (11 of 62 strings)

Translation: Tails/wiki/src/news/version_3.14.1.*.po
Translate-URL: http://translate.tails.boum.org/projects/tails/wikisrcnewsversion_3141po/pt/

Currently translated at 39.0% (16 of 41 strings)

Translation: Tails/wiki/src/news/version_3.11.*.po
Translate-URL: http://translate.tails.boum.org/projects/tails/wikisrcnewsversion_311po/it/

We use a dedicated SocksPort for the MUA as a trade-off: it gives poorer circuit
isolation than if we used the default SocksPort, but we were ready to compromise
on this in order to make POP-before-SMTP work. We've released Tails 3.0 with
this change 4 months ago and I've not heard about anyone being harmed by the
lack of POP-before-SMTP support, so let's give up on this one and get stronger
stream isolation in exchange.

This simplifies client configurations and assumptions made in many
applications that use Tor's ControlPort. It's the exception that we
connect to the unfiltered version, so this seems like the more sane
approach.

tsocks has been unmaintained for years in Debian, and is not in testing
at the moment.

Since we dropped ttdnsd, the only use case for tsocks was torifying Git.
But thanks to torsocks 2.1's AllowOutboundLocalhost we can now use torsocks to
torify Git without breaking Git-over-SSH. See commit:3922b0b2 for the previous
iteration of this.

refs: #10959
closes: #10955

Will-fix: 10167

That feature was introduced in Tor 0.2.7, and allows us to drop
bug15482.patch.

Will-fix: #10308.

The default value of this option activates warnings on ports
23,109,110,143. This commit disables the warnings for POP3 and IMAP as
these could be equally used in encrypted StartTLS connections.

... because it's not compatible with the seccomp sandboxing we
otherwise use.

Since Tor 0.2.6.x our custom patches for the ClientTransportPlugin
hacks are not needed any more. Now we can set ClientTransportPlugin
for the relevant transports in torrc without it causing problems with
any of the various *Proxy options. So let's do that!

Will-fix: #7283

GIT_PROXY_COMMAND is taken into account for git:// and Git over SSH, but not for
Git over HTTPS. The latter use to work when we were shipping Polipo, probably
thanks to the HTTP_PROXY environment variable and friends. Now it's broken.

Here, we're dropping usage of GIT_PROXY_COMMAND, and replacing it with a tsocks
wrapper.

Note: it would be nicer to use torsocks in this wrapper, which would work for
git:// and HTTPS, but it would break Git over SSH, since in Tails SSH has its
own ProxyCommand set to connect-socks, and then torsocks would block connections
initiated by connect-socks to the Tor SOCKS proxy, on the ground that they're
aimed at localhost and thus might be DNS requests.

Instead of installing the iceweasel package (and friends) we now fetch
the TBB tarballs at build-time and extract the Tor Browser, browser
add-ons and langpacks, and browser user data into sensible places. We
try to keep something like the old organization as much as possible.

Unfortunately this drops language support to whatever subset that the
TBB supports.

This reverts commit ffbc5e2b.

The sandbox is not compatible with managed proxies, so we'll need to enable it
only when we're not using these.

This feature (new in 0.2.5.x) should make Tor a bit harder to exploit.

When we set DisableNetwork most of Tor's listeners are delayed to
after it has setuid:ed away from root (to debian-tor) which causes
errors if it tries to listen on ports <1024.

This should be enough to avoid being affected by Tor#8511.

This should bring back support for proxies of type other than obfsproxy.

https://tails.boum.org/todo/non-obfsproxy_proxy/

It has been orphaned in Debian, has quite some bugs in there, and apparently
Tor's DNSPort's own caching could be good enough.

This reverts commit d4ab84a5.

This version does not contain the changes to the default configuration file, so
we need to add them manually to torrc.

... using a custom tsocks configuration file.

This mistake has been part of Tails since the very beginning,
but given how little tsocks is being used (currently: only for Claws Mail),
it's unlikely to have had any significant impact.

It was implemented in Tor 0.2.3.x:
https://trac.torproject.org/projects/tor/ticket/3439

This reverts commit 73397e5e.

The Torbutton "New identity" feature does not support ControlSocket yet:
https://trac.torproject.org/projects/tor/ticket/3967

This is totally safe due to our Tor enforcement. WarnUnsafeSocks=1
(which is the default) doesn't really make sense in a transparent
proxy setup and thus just confuses users that looks in the logs.

(in the 0.2.2.x Debian package.)

/home/amnesia is missing, as no clean way to include it is implemented yet.