Inicio Explorar Axuda
Iniciar sesión
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

Make the torify script use torify when available.

Update Torify to use torsocks by default and to warn when the user is
using the older tsocks program. Update torify and the torify man page
to refelect changes to torify. Add warnings in both.
Jacob Appelbaum %!s(int64=16) %!d(string=hai) anos
pai
6ac3a8b0cd
achega
9043932789
Modificáronse 2 ficheiros con 62 adicións e 21 borrados
Unificar vista Mostrar estatísticas de Diff
  1. 14 4
      contrib/torify.1
  2. 48 17
      contrib/torify.in

+ 14 - 4
contrib/torify.1
Ver ficheiro 

@@ -1,22 +1,27 @@
 
 .TH torify 1 "" Jan-2009 ""
 
 .TH torify 1 "" Jan-2009 ""
 
-.\" manual page by Peter Palfrader
 
+.\" manual page by Peter Palfrader and Jacob Appelbaum
 
 .SH NAME
 
 .SH NAME
 
 .LP
 
 .LP
 
-torify \- wrapper for tsocks and tor
 
+torify \- wrapper for torsocks or tsocks and tor
 
 
 
 .SH SYNOPSIS
 
 .SH SYNOPSIS
 
 \fBtorify\fP\ \fIapplication\fP\ [\fIapplication's\ arguments\fP]
 
 \fBtorify\fP\ \fIapplication\fP\ [\fIapplication's\ arguments\fP]
 
 
 
 .SH DESCRIPTION
 
 .SH DESCRIPTION
 
-\fBtorify\fR is a simple wrapper that calls tsocks with a tor specific
 
+\fBtorify\fR is a simple wrapper that attempts to find the best underlying Tor
 
+wrapper available on a system. It calls torsocks or tsocks with a tor specific
 
 configuration file.
 
 configuration file.
 
 
 
+torsocks is an improved wrapper that explictly rejects UDP, safely resolves DNS
 
+lookups and properly socksifies your TCP connections.
 
+
 
 tsocks itself is a wrapper between the tsocks library and the application
 
 tsocks itself is a wrapper between the tsocks library and the application
 
 that you would like to run socksified.
 
 that you would like to run socksified.
 
 
 
-Please note that since tsocks uses LD_PRELOAD, torify cannot be applied
 
+Please note that since both method use LD_PRELOAD, torify cannot be applied
 
 to suid binaries.
 
 to suid binaries.
 
 
 
+.SH WARNING
 
 You should also be aware that the way tsocks currently works only TCP
 
 You should also be aware that the way tsocks currently works only TCP
 
 connections are socksified.  Be aware that this will in most circumstances
 
 connections are socksified.  Be aware that this will in most circumstances
 
 not include hostname lookups which would still be routed through your
 
 not include hostname lookups which would still be routed through your
 
@@ -25,8 +30,13 @@ normal system resolver to your usual resolving nameservers.  The
 
 The Tor FAQ at https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ might
 
 The Tor FAQ at https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ might
 
 have further information on this subject.
 
 have further information on this subject.
 
 
 
+When used with torsocks, torify should not leak DNS requests or UDP data.
 
+
 
+Both will leak ICMP data.
 
+
 
 .SH SEE ALSO
 
 .SH SEE ALSO
 
 .BR tor (1),
 
 .BR tor (1),
 
 .BR tor-resolve (1),
 
 .BR tor-resolve (1),
 
+.BR torsocks (1),
 
 .BR tsocks (1),
 
 .BR tsocks (1),
 
 .BR tsocks.conf (5).
 
 .BR tsocks.conf (5).

+ 48 - 17
contrib/torify.in
Ver ficheiro 

@@ -10,36 +10,67 @@
 
 
 
 # Define and ensure we have tsocks
 
 # Define and ensure we have tsocks
 
 # XXX: what if we don't have which?
 
 # XXX: what if we don't have which?
 
+TORSOCKS="`which torsocks`"
 
 TSOCKS="`which tsocks`"
 
 TSOCKS="`which tsocks`"
 
+PROG=""
 
 if [ ! -x "$TSOCKS" ]
 
 if [ ! -x "$TSOCKS" ]
 
 then
 
 then
 
-        echo "$0: Can't find tsocks in PATH. Perhaps you haven't installed it?" >&2
 
+	echo "$0: Can't find tsocks in PATH. Perhaps you haven't installed it?" >&2
 
-        exit 1
 
+else
 
+	PROG=$TSOCKS
 
+fi
 
+if [ ! -x "$TORSOCKS" ]
 
+then
 
+	echo "$0: Can't find torsocks in PATH. Perhaps you haven't installed it?" >&2
 
+else
 
+	PROG=$TORSOCKS
 
+fi
 
+
 
+if [ ! -x "$PROG" ]
 
+then
 
+	echo "$0: Can't find the required tor helpers in our PATH. Perhaps you haven't installed them?" >&2
 
+	exit 1;
 
 fi
 
 fi
 
 
 
 # Check for any argument list
 
 # Check for any argument list
 
 if [ "$#" = 0 ]
 
 if [ "$#" = 0 ]
 
 then
 
 then
 
-        echo "Usage: $0 <command> [<options>...]" >&2
 
+	echo "Usage: $0 [-hv] <command> [<options>...]" >&2
 
-        exit 1
 
+	exit 1
 
 fi
 
 fi
 
 if [ "$#" = 1 ] && ( [ "$1" = "-h" ] || [ "$1" = "--help" ] )
 
 if [ "$#" = 1 ] && ( [ "$1" = "-h" ] || [ "$1" = "--help" ] )
 
 then
 
 then
 
-        echo "Usage: $0 <command> [<options>...]"
 
+	echo "Usage: $0 [-hv] <command> [<options>...]"
 
-        exit 0
 
+	exit 0
 
 fi
 
 fi
 
 
 
-# Define our tsocks config file
 
+if [ "$1" = "-v" ] || [ "$1" = "--verbose" ]
 
-TSOCKS_CONF_FILE="@CONFDIR@/tor-tsocks.conf"
 
+then
 
-export TSOCKS_CONF_FILE
 
+	echo "We're armed with the following tsocks: $TSOCKS"
 
+	echo "We're armed with the following torsocks: $TORSOCKS"
 
+	echo "We're attempting to use $PROG for all tor action."
 
+	shift 1
 
+fi
 
 
 
-# Check that we've got a tsocks config file
 
+if [ "$PROG" == "$TSOCKS" ]
 
-if [ -r "$TSOCKS_CONF_FILE" ]
 
 then
 
 then
 
-	exec tsocks "$@"
 
+	# Define our tsocks config file
 
-	echo "$0: Failed to exec tsocks $@" >&2
 
+	TSOCKS_CONF_FILE="/etc/tor/tor-tsocks.conf"
 
-	exit 1
 
+	export TSOCKS_CONF_FILE
 
-else
 
+
 
-	echo "$0: Missing tsocks configuration file \"$TSOCKS_CONF_FILE\"." >&2
 
+	# Check that we've got a tsocks config file
 
-	exit 1
 
+	if [ -r "$TSOCKS_CONF_FILE" ]
 
+	then
 
+		echo "WARNING: tsocks is known to leak DNS and UDP data." >&2
 
+		exec tsocks "$@"
 
+		echo "$0: Failed to exec tsocks $@" >&2
 
+		exit 1
 
+	else
 
+		echo "$0: Missing tsocks configuration file \"$TSOCKS_CONF_FILE\"." >&2
 
+		exit 1
 
+	fi
 
+fi
 
+if [ "$PROG" == "$TORSOCKS" ]
 
+then
 
+	exec torsocks "$@"
 
 fi
 
 fi