tor-dev April 2013

tor-dev@lists.torproject.org

54 participants
59 discussions

Re: [tor-dev] Embedding tor in an application and using tor without opening a port
by Nick Mathewson 13 Apr '13

13 Apr '13

> On Apr 13, 2013 1:42 PM, "wac" <waldoalvarez00(a)yahoo.com> wrote: > > > >> > > Seems you want to put your hands at it so that makes two of us. You don't need to do what I already did. I am preparing the environment to move towards team mode. Check the website http://libtor.org. This name is likely to be a problem with our trademark policy. Please read the policy, and consider a rename. -- Nick

2 1

Re: [tor-dev] Embedding tor in an application and using tor without opening a port
by wac 13 Apr '13

13 Apr '13

Hi Navis: Good to hear you built it. I have a working library with a defined API but is not re-entrant. It can connect with a server over Tor circuits and transmit/receive data but nothing is re-entrant at all. So the same Tor thread must be used for all of that ATM. I can fetch webpages like that however and can also do some limited chit-chat over IRC. I attempted to add some locking to some of the data structures but that is insufficient. For instance lists and buffers. Hash tables are complex. They are defined with some macros in order to make them generic overcoming some limitations of C language but they are less than maintainable IMHO. So I was thinking to replace them with another one already built with a similar license but re-entrant. Found a very good one. I have a couple of ideas to make it usable before that happens however. Seems you want to put your hands at it so that makes two of us. You don't need to do what I already did. I am preparing the environment to move towards team mode. Check the website http://libtor.org. In any case remember all of this to make it solid is not just about coding. Regards Waldo ------------------------------ On Thu, Apr 11, 2013 21:29 EDT Navin Francis wrote: >I managed to build it with MSVC after tinkering with the code a little. Did >you guys make any progress in making tor a library? It seems like I can >directly call functions like handle_getinfo_helper in control.c to control >tor. > >//application_main.cpp >//Application that starts tor in a new thread in the same process >#include <future> >#include <iostream> >#include "libtor.h" >using namespace std; >int main(int argc, char *argv[]){ >auto tor_return=async(launch::async,start_tor_main,argc, argv); >while (tor_return.wait_for(chrono::seconds(2))!=future_status::ready){ >char *ans; >const char *errmsg; >handle_getinfo_helper(NULL, "config/names", &ans, &errmsg); >cout<"application is running! ["<ans<"]"<endl; >} >return tor_return.get(); >} > >//libtor.h >//Duplicates the definitions in Tor. If there is a way around this, do >tell! :) >extern "C"{ >int start_tor_main(int argc, char *argv[]);//Tor's main() is renamed to >start_tor_main >int >handle_getinfo_helper(void *control_conn, >const char *question, char **answer, >const char **err_out); >} > >It seems like handle_getinfo_helper is called asynchronously by tor >whenever a GETINFO is recieved on the control port so I don't need >locking/synchronization. Can someone confirm this? > > >On Sun, Apr 7, 2013 at 4:40 AM, Gisle Vanem <gvanem(a)broadpark.no> wrote: >> >> I didn't read the original messege on this, but you have problem building >> Tor and it's libs using MSVC? If so, >> you could try my "GNU make" based system for MingW + >> MSVC here: >> http://home.broadpark.no/~**gvanem/misc/#tor<http://home.broadpark.no/~gvanem/misc/#tor> >> http://home.broadpark.no/~**gvanem/misc/tor-windows.zip<http://home.broadpark.no/~gvanem/misc/tor-windows.zip> >> >> I just tested it with today's Tor Git-repo. And it works for me. >> >> --gv >>

2 1

Re: [tor-dev] [tor-relays] BitTorrent complaint
by grarpamp 12 Apr '13

12 Apr '13

Swiped from the 'BitTorrent complaint' thread over on relays... > If an exit relay then drops that > connection silently, Tor (and the user) cannot know it needs to select a > different exit. The connections simply fail. > ... > What you do with that iptables rule (or similar rules) is block a bunch > of URLs. There may be room to take and work this capability further... Instead of populating the directory with the actual exit policies, offload this into a client poll of a set of live exits the client wishes to queuing up for rotation into for common ports, or even ports it's recently seen in use. Plus a general random poll to ensure N number of exits are held that will be able to service the full matrix of 65536 ports M-times redundantly, sortof like tor_exitlist.py function. Then like Tor transparent proxy to the host's packet filter, there can be a way the exit can read, API, or be fed the host's current rules to then be polled for it by the client. Plus an expected ruleset lite/timeout value. Users of custom policies would need to use separate rule tables, interfaces, or be smart about about any sensitive rule data if they care. Directories would still carry all exits. But only predefined policies efficiently marked by an 8 bit label. 0) non-exit 1) fully open 2) pollme 3) reduced 4) std set A 5) std set B, etc. Client releases hold the policy label map, including revoked and reserved label definitions. Or the map can be held in realtime dht or alikes.

1 0

Re: [tor-dev] Embedding tor in an application and using tor without opening a port
by Navin Francis 12 Apr '13

12 Apr '13

I managed to build it with MSVC after tinkering with the code a little. Did you guys make any progress in making tor a library? It seems like I can directly call functions like handle_getinfo_helper in control.c to control tor. //application_main.cpp //Application that starts tor in a new thread in the same process #include <future> #include <iostream> #include "libtor.h" using namespace std; int main(int argc, char *argv[]){ auto tor_return=async(launch::async,start_tor_main,argc, argv); while (tor_return.wait_for(chrono::seconds(2))!=future_status::ready){ char *ans; const char *errmsg; handle_getinfo_helper(NULL, "config/names", &ans, &errmsg); cout<<"application is running! ["<<ans<<"]"<<endl; } return tor_return.get(); } //libtor.h //Duplicates the definitions in Tor. If there is a way around this, do tell! :) extern "C"{ int start_tor_main(int argc, char *argv[]);//Tor's main() is renamed to start_tor_main int handle_getinfo_helper(void *control_conn, const char *question, char **answer, const char **err_out); } It seems like handle_getinfo_helper is called asynchronously by tor whenever a GETINFO is recieved on the control port so I don't need locking/synchronization. Can someone confirm this? On Sun, Apr 7, 2013 at 4:40 AM, Gisle Vanem <gvanem(a)broadpark.no> wrote: > > I didn't read the original messege on this, but you have problem building > Tor and it's libs using MSVC? If so, > you could try my "GNU make" based system for MingW + > MSVC here: > http://home.broadpark.no/~**gvanem/misc/#tor<http://home.broadpark.no/~gvanem/misc/#tor> > http://home.broadpark.no/~**gvanem/misc/tor-windows.zip<http://home.broadpark.no/~gvanem/misc/tor-windows.zip> > > I just tested it with today's Tor Git-repo. And it works for me. > > --gv >

1 0

(Py)Obfsproxy Debian packages
by George Kadianakis 11 Apr '13

11 Apr '13

Greetings (Debian) people, we have decided to keep the Obfsproxy name and simply replace the old C codebase with the new Python codebase. It seems that 'obfsproxy' is an extremely powerful brand name and changing it will result in user confusion. That said, what is the best way to update the Debian packages so that they contain the Python codebase? I remember weasel telling me that updated packages can only be included in Debian after wheezy is stabilized. Can we have Python Obfsproxy packages in deb.torproject.org in the meantime? Lunar, how did the Debian package creation go? Do you need any help? We should name the new packages 'obfsproxy'. (Sorry for the duplicate mail, but I forgot to CC tor-dev in the previous one.)

3 7

Building Tor on OS X with brew fails
by Bernard Tyers - ei8fdb 11 Apr '13

11 Apr '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, I just tried building Tor with brew on OS X (10.6.8) using the instructions available on the TP website ( ). It fails at the last few steps complaining of a 404: Homebrew. If formula fail to build uninstall Macports/Fink and reinstall any affected formula. Also installing dependencies: libevent ==> Downloading http://monkey.org/~provos/libevent-2.0.12-stable.tar.gz ######################################################################## 100.0% ==> ./configure --prefix=/usr/local/Cellar/libevent/2.0.12 ==> make install /usr/local/Cellar/libevent/2.0.12: 47 files, 2.0M, built in 66 seconds ==> Downloading https://www.torproject.org/dist/tor-0.2.1.30.tar.gz curl: (22) The requested URL returned error: 404 Error: Failure while executing: /usr/bin/curl -f#LA Homebrew\ 0.8\ (Ruby\ 1.8.7-358;\ Mac\ OS\ X\ 10.6.8) https://www.torproject.org/dist/tor-0.2.1.30.tar.gz -o /Library/Caches/Homebrew/tor-0.2.1.30.tar.gz I can confirm that https://www.torproject.org/dist/tor-0.2.1.30.tar.gz is (to me) a 404. I know I can install TBB but I was curious if this approach also worked. Has the location moved? Thanks. Bernard - -------------------------------------- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJRZw0rAAoJENsz1IO7MIrrI+oH/jE6hxAeTb9SD3orihGZ0Hn4 wVxf9MkagvH4aS2Hl33FUycr0liy6JqHxxXa16NjZqAfiuUstvQiEiMWAXah1Oa9 A0qNjNOfnmi0BsxJES4E30e3+MvmGzNw4fLjos6iPk2B/+s5orqSv2cba5iVEwXp 3VsqhFOlugVatI592201K9+tQgl/a1aCXfZnW1t4GFqAIf2ApdoX89cV1l3jqMDP NYOZRaX79FGB7iF+/3SrTKtEwVifjAh/IoCx4cEuVOpGFjFt0Jmkgbd1ThlKYqwn TYLFUdKWhebl1N9v4fjow0sXrXh71g3oBuavX2XA+YFqG/ChBDSFPKzps2JyWIQ= =BiEt -----END PGP SIGNATURE-----

3 3

Fwd: Fwd: Orbot feature for GSoC 2013
by Nathan Freitas 11 Apr '13

11 Apr '13

Is there room for an Orbot developer under Tor's GSoC? I know that I was completely awol during this process, and not a mentor, but this is a worthwhile effort! -------- Original Message -------- Subject: Fwd: Orbot feature for GSoC 2013 Date: Thu, 11 Apr 2013 17:50:26 +0200 From: Pavlos <onexemailx(a)gmail.com> To: nathan(a)guardianproject.info CC: abel(a)guardianproject.info Hello, I talked in #tor-dev and asked about a feature I could implement for Orbot as part of Google summer of code 2013 and abel suggested the implementation of the android 4.x's VPN Service as a way to get rootless transparent torification. I understand this was created https://github.com/guardianproject/OrbotVPN but for some reason couldn't be finished? Is it plausible to implement it? If not maybe there is something else I could make? Some words about me: I'm a CS student at my 5th year. I finished with my courses a year ago and I'm just enrolled because I'm an intern at CERN and have to be a student. My github is here: https://github.com/uberspot/ I have worked previously on two android apps (OpenWifiStatistics that coorelates gps with wifi scan data and AnagramSolver for solving anagrams) and I have another one almost complete (a lan multiplayer trivia game). Kindly awaiting your responce, Paul

3 3

Help me test Tor Browser Launcher
by Micah Lee 10 Apr '13

10 Apr '13

I posted a little over a month ago about Tor Browser Launcher, a project I've been working on to make it easier for GNU/Linux users to securely download, install, keep updated, and launch TBB: https://github.com/micahflee/torbrowser-launcher I think it's about ready for a first release! I wrote a blog post all about it (including screenshots), where I ask for help testing it: https://micahflee.com/2013/04/sudo-apt-get-install-torbrowser/ Please give me feedback, and post any bugs you find on the GitHub issue tracker. Also, at Tom's suggestion I posted this ticket to get Tor Browser Launcher in deb.torproject.org: https://trac.torproject.org/projects/tor/ticket/8648 Can someone respond to get the ball rolling? Thanks! -- Micah Lee https://twitter.com/micahflee

2 4

Tor in Google Summer of Code 2013
by Damian Johnson 10 Apr '13

10 Apr '13

Interested in coding on Tor and getting paid for it by Google? If you are a student, we have good news for you: We have been accepted as a mentoring organization for Google Summer of Code 2013! https://www.google-melange.com/gsoc/homepage/google/gsoc2013 https://www.google-melange.com/gsoc/org/google/gsoc2013/tor Here are the facts: The summer of code gives you the opportunity to work on your own Tor-related coding project with one of the Tor developers as your mentor. You can apply for a coding project related to Tor itself or to one of its many supplemental projects... https://www.torproject.org/getinvolved/volunteer.html.en#Projects Your mentor will help you when you're stuck with your project and guide you in becoming part of the Tor community. Google pays you 5,000 USD for the three months of your project, so that you can focus on coding and don't have to worry about how to pay your bills. Did we catch your attention? These are your next steps: Go look at the Google Summer of Code FAQ [1] to make sure you are eligible to participate. Have a look at our ideas list [2] to see if one of those projects matches your interests. If there is no project on that list that you'd want to work on, read the documentation on our website [3] and make up your own project idea! Come to #tor-dev on OFTC [4] and let us know about your project idea. Communication is essential to success in the summer of code, and we're unlikely to accept students we haven't heard from before reading their application. So really, come to the IRC channel and talk to us! Finally, write down your project idea using our template [5] and submit your application to Google until May 3, 2013 [6]. We are looking forward to discussing your project idea with you! [1] https://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2… [2] https://www.torproject.org/about/gsoc.html.en#Ideas [3] https://www.torproject.org/docs/documentation.html.en#UpToSpeed [4] https://www.torproject.org/about/contact.html.en#irc [5] https://www.torproject.org/about/gsoc.html.en#Template [6] https://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2…

1 0

Hidden service access without TOR
by Jesus Cea 09 Apr '13

09 Apr '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Somebody pointed to me "Using Tor as a library" <https://lists.torproject.org/pipermail/tor-dev/2013-March/004564.html>. I am thinking about writing a proxy service to install in your local machine to be able to access TOR Hidden Services without having to install the full TOR in your machine. Client anonimity here is not an issue, but being able to access to "onion" hidden services easily and faster than providing mutual anonimity. All documentation I see describes the hidden services from a high level view, but I would like to be able to connect to them without involving TOR. And without reading TOR sourcecode :-) Is this current? <https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=rend-spec.…> The client needing to open her own rendezvous incoming port is a problem :). What if the client doesn't need anonimity?. Any suggestion? Is the recomended/only way, to simply compile as library and call "tor_main()"?. No other choice?. Thanks! - -- Jesús Cea Avión _/_/ _/_/_/ _/_/_/ jcea(a)jcea.es - http://www.jcea.es/ _/_/ _/_/ _/_/ _/_/ _/_/ Twitter: @jcea _/_/ _/_/ _/_/_/_/_/ jabber / xmpp:jcea@jabber.org _/_/ _/_/ _/_/ _/_/ _/_/ "Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/ "El amor es poner tu felicidad en la felicidad de otro" - Leibniz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQCVAwUBUWOaLplgi5GaxT1NAQKfvAP/fKYx4jVTNfzD1ZYGC1xVIFy/P6jFclWr kW95YDavZ7LHNhIgd/LlQ1mS0QViN6p7zOi7OOie8bhdIa6POVdsE8sYplUKEL4d vnx/XEH5rgVrLC9es4MQMLu4dqxpaN/mTmKpRGvCi4stPJ+S5dQqa+8U5m8eu5un RpjNbClG50g= =Y+RA -----END PGP SIGNATURE-----

2 1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-dev April 2013