convergence
convergence copied to clipboard
mk-fg
UI broken on Firefox 33+ in Windows (ctypes symbol missing)
Seems the Convergence UI is broken on Firefox 33 and higher on Windows. On affected systems, the logo in the toolbar button is blank, and when I go into the options dialog, all options are blank and the OK button has no effect. Linux seems to be unaffected.
Here is the output with logging enabled via about:config; looks like a ctypes symbol is missing.
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\util\ConvergenceUtil.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ctypes\NSPR.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ctypes\NSS.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ctypes\SSL.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ctypes\SQLITE.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\sockets\ConvergenceListenSocket.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\sockets\ConvergenceClientSocket.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\sockets\ConvergenceServerSocket.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ctypes\Serialization.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ssl\CertificateManager.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ssl\CertificateInfo.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\proxy\HttpProxyServer.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\proxy\PatternList.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\components\Loc
alProxy.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ssl\PhysicalNotary.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ssl\Notary.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\components\Set
tingsManager.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\components\Con
nectionManager.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\ssl\NativeCertificateCache.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\components\Dat
abaseHelper.js
Convergence.core: Loaded!
Convergence.core: Loading: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profi
les\1mcdivng.default\extensions\[email protected]\chrome\content
\util\ConvergenceUtil.js
Convergence.core: Loaded!
Convergence.core: Using fallback (nss3) for lib nspr4: C:\Program Files (x86)\Mo
zilla Firefox\nss3.dll
Convergence.core: Using fallback (nss3) for lib ssl3: C:\Program Files (x86)\Moz
illa Firefox\nss3.dll
Convergence.core: Using fallback (nss3) for lib mozsqlite3: C:\Program Files (x8
6)\Mozilla Firefox\nss3.dll
Convergence.core: |
Error initializing ctypes - Exception: Error: couldn't find function symbol in
library
0: NSS.initialize@file:///C:/Users/Jeremy/AppData/Roaming/Mozilla/Firefox/P rofiles/1mcdivng.default/extensions/[email protected]/components /Convergence.js -> file:///C:/Users/Jeremy/AppData/Roaming/Mozilla/Firefox/Profi les/1mcdivng.default/extensions/[email protected]/chrome/content /ctypes/NSS.js:241:26' 1:Convergence.prototype.initializeCtypes@file:///C:/Users/Jeremy/AppData/R
oaming/Mozilla/Firefox/Profiles/1mcdivng.default/extensions/convergence@extensio
n.fraggod.net/components/Convergence.js:110:7'
2: Convergence@file:///C:/Users/Jeremy/AppData/Roaming/Mozilla/Firefox/Prof iles/1mcdivng.default/extensions/[email protected]/components/Co nvergence.js:34:5' 3:XPCOMUtils__getFactory/factory.createInstance@resource://gre/modules/XPC
OMUtils.jsm:292:19'
4: ConvergenceContentPolicy@file:///C:/Users/Jeremy/AppData/Roaming/Mozilla /Firefox/Profiles/1mcdivng.default/extensions/[email protected]/ components/ConvergenceContentPolicy.js:31:29' 5:XPCOMUtils__getFactory/factory.createInstance@resource://gre/modules/XPC
OMUtils.jsm:292:19'
Convergence.core: |
Convergence init error - Exception: Error: couldn't find function symbol in li
brary
0: NSS.initialize@file:///C:/Users/Jeremy/AppData/Roaming/Mozilla/Firefox/P rofiles/1mcdivng.default/extensions/[email protected]/components /Convergence.js -> file:///C:/Users/Jeremy/AppData/Roaming/Mozilla/Firefox/Profi les/1mcdivng.default/extensions/[email protected]/chrome/content /ctypes/NSS.js:241:26' 1:Convergence.prototype.initializeCtypes@file:///C:/Users/Jeremy/AppData/R
oaming/Mozilla/Firefox/Profiles/1mcdivng.default/extensions/convergence@extensio
n.fraggod.net/components/Convergence.js:110:7'
2: Convergence@file:///C:/Users/Jeremy/AppData/Roaming/Mozilla/Firefox/Prof iles/1mcdivng.default/extensions/[email protected]/components/Co nvergence.js:34:5' 3:XPCOMUtils__getFactory/factory.createInstance@resource://gre/modules/XPC
OMUtils.jsm:292:19'
4: ConvergenceContentPolicy@file:///C:/Users/Jeremy/AppData/Roaming/Mozilla /Firefox/Profiles/1mcdivng.default/extensions/[email protected]/ components/ConvergenceContentPolicy.js:31:29' 5:XPCOMUtils__getFactory/factory.createInstance@resource://gre/modules/XPC
OMUtils.jsm:292:19'
This looks potentially relevant: https://bugzilla.mozilla.org/show_bug.cgi?id=975229#c15
So, it seems that Mozilla removed some stuff from the NSS DLL that ships with Firefox. This isn't the first time they've done this, and it might not be the last. I believe the NSS DLL that ships with XULRunner is unaffected (although I'm not certain of this); if that's true then it might be simplest to just ship the NSS DLL from XULRunner with the Firefox extension. @mk-fg, would you be okay with this?
Honestly - very much "not okay" - shipping opaque binary blob with any security-related product is a "stay the hell away from this crap" message in a huge red letters, I won't ever trust it myself.
That's certainly a valid concern. Since the hash of the dll could be checked against the one that's shipped with XULRunner, and since presumably users already trust Mozilla, in my opinion it's not a huge deal. Is there a better way to get a non-messed-with NSS dll to end users on Windows?
Also, if I was ambiguous, if I were writing that feature, the makefile would download the XULRunner NSS dll directly from Mozilla's server (over HTTPS).
Yeah, you're right, I think downloaded dll is not that big of a deal, indeed, especially on windows. I've initially misinterpreted it as having the thing comitted in the repository, and was a bit too harsh there anyway, sorry about that.
I'm actually not sure why you're asking me about this stuff - it looks like you know what works here and how way better than me, definitely more active and care more about the project. Maybe you should just make a properly maintained fork?
I'll be sure to merge stuff from there when/if I'll get back to working on this, it'd probably way more easy for you to work on, and immediately useful to anyone else too. Can probably link it in the readme file, in case someone's tracking this one.
Will also add you for push access to this repo, though don't see much reason as to why you might want to push stuff here instead of an own fork (with full control, separate trackers and all that).
To be clear - I don't want above to sound like "whatever, do what you want", it's just that you propose nice things and fixes, and I haven't been around much lately to even reply to these, so it feels like I'm just delaying things here needlessly.
Ok, so I tested with the latest XULRunner releases, and they seem to have the same missing symbol problem. So, using the dll file from XULRunner will not fix the issue.
From briefly grepping the code, it looks like the missing symbol is only used by the "Whitelist private PKI signatures" feature. @mk-fg what exactly does this feature do? Is it safe to remove that feature if it makes Convergence work on newer Firefox releases? (I'm not sure if there are other missing symbols as well -- I'm only looking at the first error that gets thrown.)
Don't think I've used it myself, but it sounds like a useful feature, as it allows to e.g. import an intranet certificate and browse all intranet https'es hassle-free with it, which would be sure to fail convergence checks otherwise.
No idea if there are actual users for the thing, but I think main functionality working with latest firefox is definitely a priority over this, so I'd totally just drop the thing for now (until maybe it can be restored later), given such choice.
I was wondering if this will be resolved? Is the project still maintained?
@fireflystorm I'm not actively working on it at the moment. I did apply to do a GSoC project that would generalize Convergence as a SOCKS proxy (in Python), though. I'm not sure if it will be accepted.
Is there a particular reason that the project went quiet. I am surprised that this simple and interesting idea was left behind by both you and moxie? Is there a fundamental issue with the current architecture or is it purely due to other commitments?
@fireflystorm I actually am working on something related to this, but it's with a newer architecture. At the moment I'm only supporting Namecoin validation, but adding support for notaries would probably not be too hard.
@fireflystorm And I just stopped using the thing eventually, which was (naturally) the only motivation to work on it.
Just realized that it's kinda stupid that this fact isn't reflected in the README file, so guess I'll fix that, at least. UPDATE: should be fixed with cff0c6a