Delivery-Date: Mon, 25 May 2015 11:20:23 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 6556B1E09F2;
	Mon, 25 May 2015 11:20:20 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 22B7534F23;
	Mon, 25 May 2015 15:20:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 1F3C334C28
 for <tor-talk@lists.torproject.org>; Mon, 25 May 2015 15:19:50 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id XBup5q_IIJvl for <tor-talk@lists.torproject.org>;
 Mon, 25 May 2015 15:19:50 +0000 (UTC)
Received: from mail-yk0-x22f.google.com (mail-yk0-x22f.google.com
 [IPv6:2607:f8b0:4002:c07::22f])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id E32CC34BB3
 for <tor-talk@lists.torproject.org>; Mon, 25 May 2015 15:19:46 +0000 (UTC)
Received: by yken206 with SMTP id n206so6037285yke.2
 for <tor-talk@lists.torproject.org>; Mon, 25 May 2015 08:19:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=3FxzdKyXb3uMotTMWTO0ZfdF1i38oyrj437KGpsfnBI=;
 b=KJ7fQ18+yINmaFgR4sUySWgr9hH3ftPSyUnsjEyisI7j3gAcbMvGAZq8RWK6toxcnC
 jeubVtuZ1hPbNiPnoazhuP2Fr7ieWytjblcztm1t3aI5P+FlTIQvdYcNld5WKZSKbPCl
 trmKQOe0N+m9VqD6PEsOhHRL1O6oHZZhIrJosdoOp261nUr/MIPUejHj1CtIaCp6Knml
 RiKSz/4c8dr3/BvAazCeuLWy41zFyAu3uF+fiEbDzweg203K8VniW8ZD1zb99e/6bFki
 4Nx1KXM3Y1J3iV0QvL/zU3IhfblRU7Xo1icTGSXVbM2lUCC0JpfM4JPNOk0SZ8IvzfcJ
 V+ng==
MIME-Version: 1.0
X-Received: by 10.236.11.111 with SMTP id 75mr20628191yhw.14.1432567184346;
 Mon, 25 May 2015 08:19:44 -0700 (PDT)
Received: by 10.129.110.196 with HTTP; Mon, 25 May 2015 08:19:44 -0700 (PDT)
Received: by 10.129.110.196 with HTTP; Mon, 25 May 2015 08:19:44 -0700 (PDT)
In-Reply-To: <20150524193238.0686BA291D@smtp.hushmail.com>
References: <5561B2DB.4050407@gmail.com>
 <E63D0E68-C57E-4D06-8BDA-86371F2A4785@tvdw.eu>
 <5561B66D.8000101@gmail.com> <5561B93E.3020002@sky-ip.org>
 <5561BE2A.7050709@gmail.com>
 <20150524135410.1D39AA291E@smtp.hushmail.com>
 <5561E45A.4000402@gmail.com>
 <20150524193238.0686BA291D@smtp.hushmail.com>
Date: Mon, 25 May 2015 11:19:44 -0400
Message-ID: <CABn7VeqHacHk=7ZNfT_HbJmiDwR5FZ4hVOO8J+DxS6vC3GCb8A@mail.gmail.com>
From: Quinn Jarrell <quinnjarr@gmail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] SOCKS proxy to sit between user and Tor?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi,
I think you should look into the pluggable transports documentation as I
think it's exactly what you need. They use a socks implementation to
redirect tor traffic and can rewrite the destination. I used it in my gsoc
project fog: https://github.com/infinity0/fog
On May 24, 2015 3:33 PM, "l.m" <ter.one.leeboi@hush.com> wrote:

> Hi Jeremy,
>
> Thank you for the thoughtful and thorough reply! I  think the users of
> your software will appreciate you wanting to minimize  attack surface.
> One thing I've noticed about mitmproxy is that it  appears to only
> support SOCKS upstream proxies *without* authentication.  It's also a
> http proxy, so although it's certainly useful, it may not  meet your
> current requirements (in transparent proxy mode you'll exclude support
> on Windows). I may be mistaken of course.
>
> If I understand correctly you  intend to use the intermediate SOCKS
> proxy to perform the translation of  .bit address to destination
> format. If the address doesn't require  translation you'll pass it
> through along with any authentication used  for domain-isolation. The
> downside of using an intermediate proxy is  that you'll have an extra
> dependency. The intermediate proxy needs to be  modified to perform
> lookups against a local resolver as needed. If  proposal 229 [1] is
> implemented you'll need to be aware of the changes.  This may turn
> into maintenance difficulty in the long run.
>
> If this  were a regular browser you could always just setup the local
> DNS  resolver to forward if not resolving .bit addresses. Since this
> is tor  you need to make that resolver aware of tor being used, and to
> use the  SOCKS proxy instead (or tor-resolve). So maybe that's one
> option. Have a  local DNS resolver which forwards to tor after
> checking the address  (and turn off browser Remote DNS). That is to
> say it might be easier to  maintain your own resolver implementation
> which can be kept as simple as  you need. This would keep (some)
> cross-browser compatibility, from TBB,  to Firefox. The downside being
> the whole system will rely on the  resolver so you'll have to worry
> about: conflicts with other local  resolvers (dnsmasq, some vpn), or
> need to set the DNS server manually.  It looks like you do this
> currently. If the local resolver wrapped all  the related processes
> you could make a UI available to indicate status.
>
> As a browser-plugin based alternative, maybe you can do without the
> extra SOCKS proxy by a change to the plugin design. Say you use
> Observer Notifications in the plugin. Now intercept the address and if
> it ends in .bit make a request against a (local) server holding the
> blockchain. This provides some flexibility in that you're not
> restricted to using a SOCKS proxy. It should work with TBB. Unless I'm
> mistaken (and I frequently am) websockets are enabled (check with
> tbb-devs on this). An alternative approach would be to create your own
> address bar for resolving addresses using the same approach previously
> mentioned. There's a downside to this approach, in that if someone
> were to use the regular bar, the resolve will be relayed using tor,
> which might actually work if the exit DNS is setup to resolve
> namecoin.
>
> Besides that, I'm only familiar with the SSH SOCKS proxy, and Tor's
> SOCKS proxy. I can only look at the list of SOCKS servers on
> Wikipedia, or HAProxy, as was previously mentioned, for other options.
>
> In any case, thank you for trying to make FreeSpeechMe compatible with
> tor.
>
> --leeroy
>
> [1]
>
> https://gitweb.torproject.org/torspec.git/tree/proposals/229-further-socks5-extensions.txt
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

