adium 4713:46d26d1fcbfd: Add a "Tor (SOCKS5)" proxy option, whic...

commits at adium.im commits at adium.im
Sun Mar 4 19:10:44 UTC 2012 

details:	http://hg.adium.im/adium/rev/46d26d1fcbfd
revision:	4713:46d26d1fcbfd
branch:		TorProxyType
author:		Thijs Alkemade <thijsalkemade at gmail.com>
date:		Sun Mar 04 20:01:46 2012 +0100

Add a "Tor (SOCKS5)" proxy option, which uses the Tor proxy option of libpurple.

This is basically a SOCKS5 proxy that forbids doing an DNS request locally, to prevent leaking information when using Tor.

Refs #15161
Subject: adium 4714:89eb0d28dc0f: When using the Tor proxy type, do not check if the host is up ever. Instead, check if the proxy is up.

details:	http://hg.adium.im/adium/rev/89eb0d28dc0f
revision:	4714:89eb0d28dc0f
branch:		TorProxyType
author:		Thijs Alkemade <thijsalkemade at gmail.com>
date:		Sun Mar 04 20:06:50 2012 +0100

When using the Tor proxy type, do not check if the host is up ever. Instead, check if the proxy is up.

This would leak the hostname, as it does a DNS request. However, while it makes sense to check if the proxy is reachable, the proxy is usually localhost, so the reachability check doesn't help determining if connecting to the remote server is going to work.

Refs #15161

diffs (142 lines):

diff -r 0b511a094a1e -r 89eb0d28dc0f Frameworks/Adium Framework/Source/AIAccount.h
--- a/Frameworks/Adium Framework/Source/AIAccount.h	Sun Mar 04 19:35:28 2012 +0100
+++ b/Frameworks/Adium Framework/Source/AIAccount.h	Sun Mar 04 20:06:50 2012 +0100
@@ -54,7 +54,8 @@
 	Adium_Proxy_Default_HTTP,
 	Adium_Proxy_Default_SOCKS4,
 	Adium_Proxy_Default_SOCKS5,
-	Adium_Proxy_None
+	Adium_Proxy_None,
+    Adium_Proxy_Tor
 } AdiumProxyType;
 
 //Privacy
@@ -330,6 +331,16 @@
  */
 - (BOOL)shouldLogChat:(AIChat *)chat;
 
+/*!
+ * @brief The proxy's type used for this account.
+ */
+- (AdiumProxyType)proxyType;
+
+/*!
+ * @brief The proxy's hostname the user entered for this account.
+ */
+- (NSString *)proxyHost;
+
 @end
 
 @interface AIAccount (Private_ForSubclasses)
diff -r 0b511a094a1e -r 89eb0d28dc0f Frameworks/Adium Framework/Source/AIAccount.m
--- a/Frameworks/Adium Framework/Source/AIAccount.m	Sun Mar 04 19:35:28 2012 +0100
+++ b/Frameworks/Adium Framework/Source/AIAccount.m	Sun Mar 04 20:06:50 2012 +0100
@@ -96,6 +96,7 @@
 	Adium_Proxy_Default_HTTP_AS = 'DHTP',
 	Adium_Proxy_Default_SOCKS4_AS = 'DSK4',
 	Adium_Proxy_Default_SOCKS5_AS = 'DSK5',
+    Adium_Proxy_Tor_AS = 'TOS5',
 	Adium_Proxy_None_AS = 'NONE'
 } AdiumProxyTypeApplescript;
 
@@ -1506,6 +1507,8 @@
 			return Adium_Proxy_Default_SOCKS4;
 		case Adium_Proxy_Default_SOCKS5_AS:
 			return Adium_Proxy_Default_SOCKS5;
+        case Adium_Proxy_Tor_AS:
+            return Adium_Proxy_Tor;
 		default:
 			return Adium_Proxy_None;
 	}
@@ -1526,6 +1529,8 @@
 			return Adium_Proxy_Default_SOCKS4_AS;
 		case Adium_Proxy_Default_SOCKS5:
 			return Adium_Proxy_Default_SOCKS5_AS;
+        case Adium_Proxy_Tor:
+            return Adium_Proxy_Tor_AS;
 		default:
 			return Adium_Proxy_None_AS;
 	}
diff -r 0b511a094a1e -r 89eb0d28dc0f Plugins/Purple Service/CBPurpleAccount.m
--- a/Plugins/Purple Service/CBPurpleAccount.m	Sun Mar 04 19:35:28 2012 +0100
+++ b/Plugins/Purple Service/CBPurpleAccount.m	Sun Mar 04 20:06:50 2012 +0100
@@ -1993,6 +1993,9 @@
 		case Adium_Proxy_Default_SOCKS5:
 			purpleAccountProxyType = PURPLE_PROXY_SOCKS5;
 			break;
+        case Adium_Proxy_Tor:
+            purpleAccountProxyType = PURPLE_PROXY_TOR;
+            break;
 		case Adium_Proxy_None:
 		default:
 			purpleAccountProxyType = PURPLE_PROXY_NONE;
@@ -2002,7 +2005,16 @@
 	purple_proxy_info_set_type(proxy_info, purpleAccountProxyType);
 
 	if (proxyType != Adium_Proxy_None) {
-		purple_proxy_info_set_host(proxy_info, (char *)[[proxyConfig objectForKey:@"Host"] UTF8String]);
+        
+        /* In Tor mode, libpurple will not do any DNS queries itself, ever.
+         * However, if the user entered "localhost" as the proxy, then that will not be resolved either!
+         * Let's help the user here by replacing it with 127.0.0.1.
+         */
+        if ([[proxyConfig objectForKey:@"Host"] isEqualToString:@"localhost"]) {
+            purple_proxy_info_set_host(proxy_info, "127.0.0.1");
+        } else {
+            purple_proxy_info_set_host(proxy_info, (char *)[[proxyConfig objectForKey:@"Host"] UTF8String]);
+        }
 		purple_proxy_info_set_port(proxy_info, [(NSNumber*)[proxyConfig objectForKey:@"Port"] intValue]);
 
 		purple_proxy_info_set_username(proxy_info, (char *)[[proxyConfig objectForKey:@"Username"] UTF8String]);
diff -r 0b511a094a1e -r 89eb0d28dc0f Source/AIAccountProxySettings.m
--- a/Source/AIAccountProxySettings.m	Sun Mar 04 19:35:28 2012 +0100
+++ b/Source/AIAccountProxySettings.m	Sun Mar 04 20:06:50 2012 +0100
@@ -258,6 +258,7 @@
 	[proxyMenu addItem:[self _proxyMenuItemWithTitle:AILocalizedString(@"Systemwide HTTP Settings",nil) tag:Adium_Proxy_Default_HTTP]];
 	[proxyMenu addItem:[self _proxyMenuItemWithTitle:@"SOCKS4" tag:Adium_Proxy_SOCKS4]];
 	[proxyMenu addItem:[self _proxyMenuItemWithTitle:@"SOCKS5" tag:Adium_Proxy_SOCKS5]];
+    [proxyMenu addItem:[self _proxyMenuItemWithTitle:AILocalizedString(@"Tor (SOCKS5)",nil) tag:Adium_Proxy_Tor]];
 	[proxyMenu addItem:[self _proxyMenuItemWithTitle:@"HTTP" tag:Adium_Proxy_HTTP]];
 	
 	return [proxyMenu autorelease];
diff -r 0b511a094a1e -r 89eb0d28dc0f Source/ESAccountNetworkConnectivityPlugin.m
--- a/Source/ESAccountNetworkConnectivityPlugin.m	Sun Mar 04 19:35:28 2012 +0100
+++ b/Source/ESAccountNetworkConnectivityPlugin.m	Sun Mar 04 20:06:50 2012 +0100
@@ -120,7 +120,7 @@
 
 		if (account.enabled &&
 			[account connectivityBasedOnNetworkReachability]) {
-			NSString *host = [account host];
+			NSString *host = ([account proxyType] == Adium_Proxy_Tor ? [account proxyHost] : [account host]);
 			if (host && ![knownHosts containsObject:host]) {
 				[monitor addObserver:self forHost:host];
 				[knownHosts addObject:host];
@@ -173,7 +173,9 @@
 		if (networkIsReachable && [accountsToNotConnect containsObject:account]) {
 			[accountsToNotConnect removeObject:account];
 		} else {
-			if ([[account host] isEqualToString:host]) {
+            NSString *accountHost = ([account proxyType] == Adium_Proxy_Tor ? [account proxyHost] : [account host]);
+            
+			if ([accountHost isEqualToString:host]) {
 				[self handleConnectivityForAccount:account reachable:networkIsReachable];
 			}
 		}
@@ -298,7 +300,7 @@
 			if (account.enabled) {
 				//Start observing for this host if we're not already
 				if ([account connectivityBasedOnNetworkReachability]) {
-					NSString *host = [account host];
+					NSString *host = ([account proxyType] == Adium_Proxy_Tor ? [account proxyHost] : [account host]);
 					AIHostReachabilityMonitor *monitor = [AIHostReachabilityMonitor defaultMonitor];
 	
 					[account setValue:[NSNumber numberWithBool:YES] forProperty:@"isWaitingForNetwork" notify:NotifyNow];
@@ -393,7 +395,7 @@
 	for (AIAccount *account in adium.accountController.accounts) {
 		if (account.enabled &&
 			[account connectivityBasedOnNetworkReachability]) {
-			NSString *host = [account host];
+			NSString *host = ([account proxyType] == Adium_Proxy_Tor ? [account proxyHost] : [account host]);
 			
 			if (host &&
 				![monitor observer:self isObservingHost:host]) {

More information about the commits mailing list