From 0568d325ad8660a9966d552634aa17c90ed22516 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sat, 6 Aug 2016 22:54:31 +0200 Subject: http: auto-configure for local Tor proxy if called as 'tor' With apts http transport supporting socks5h proxies and all the work in terms of configuration of methods based on the name it is called with it becomes surprisingly easy to implement Tor support equally (and perhaps even a bit exceeding) what is available currently in apt-transport-tor. How this will turn out to be handled packaging wise we will see in https://lists.debian.org/deity/2016/08/msg00012.html , but until this is resolved we can add the needed support without actively enabling it for now, so that this can be tested better. --- methods/http.cc | 3 +++ methods/https.cc | 2 ++ methods/server.cc | 26 ++++++++++++++++++++++++++ methods/server.h | 3 +++ 4 files changed, 34 insertions(+) diff --git a/methods/http.cc b/methods/http.cc index 1ed2e3629..0358b50cd 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -357,6 +357,9 @@ bool HttpServerState::Open() Proxy = ""; } + if (Proxy.empty() == false) + Owner->AddProxyAuth(Proxy, ServerName); + if (Proxy.Access == "socks5h") { if (Connect(Proxy.Host, Proxy.Port, "socks", 1080, ServerFd, TimeOut, Owner) == false) diff --git a/methods/https.cc b/methods/https.cc index 47dce2ea0..283126f6b 100644 --- a/methods/https.cc +++ b/methods/https.cc @@ -213,6 +213,8 @@ bool HttpsMethod::SetupProxy() /*{{{*/ if (UseProxy.empty() == false) { Proxy = UseProxy; + AddProxyAuth(Proxy, ServerName); + if (Proxy.Access == "socks5h") curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5_HOSTNAME); else if (Proxy.Access == "socks5") diff --git a/methods/server.cc b/methods/server.cc index 7c85c8abb..0888617b1 100644 --- a/methods/server.cc +++ b/methods/server.cc @@ -794,3 +794,29 @@ ServerMethod::ServerMethod(std::string &&Binary, char const * const Ver,unsigned { } /*}}}*/ +bool ServerMethod::Configuration(std::string Message) /*{{{*/ +{ + if (aptMethod::Configuration(Message) == false) + return false; + + _config->CndSet("Acquire::tor::Proxy", + "socks5h://apt-transport-tor@localhost:9050"); + return true; +} + /*}}}*/ +bool ServerMethod::AddProxyAuth(URI &Proxy, URI const &Server) const /*{{{*/ +{ + if (std::find(methodNames.begin(), methodNames.end(), "tor") != methodNames.end() && + Proxy.User == "apt-transport-tor" && Proxy.Password.empty()) + { + std::string pass = Server.Host; + pass.erase(std::remove_if(pass.begin(), pass.end(), [](char const c) { return std::isalnum(c) == 0; }), pass.end()); + if (pass.length() > 255) + Proxy.Password = pass.substr(0, 255); + else + Proxy.Password = std::move(pass); + } + // FIXME: should we support auth.conf for proxies? + return true; +} + /*}}}*/ diff --git a/methods/server.h b/methods/server.h index f6a635dca..1d114354f 100644 --- a/methods/server.h +++ b/methods/server.h @@ -156,6 +156,9 @@ class ServerMethod : public aptMethod virtual void SendReq(FetchItem *Itm) = 0; virtual std::unique_ptr CreateServerState(URI const &uri) = 0; virtual void RotateDNS() = 0; + virtual bool Configuration(std::string Message) APT_OVERRIDE; + + bool AddProxyAuth(URI &Proxy, URI const &Server) const; ServerMethod(std::string &&Binary, char const * const Ver,unsigned long const Flags); virtual ~ServerMethod() {}; -- cgit v1.2.3