adns and TOR
ijackson at chiark.greenend.org.uk
Tue Oct 20 17:11:43 CEST 2015
Werner Koch writes ("adns and TOR"):
> With the standard resolver this is not possible. Adding a full-fledged
> resolver library to Dirmngr is overkill and we will likely run into
> problems under Windows. My idea is to make use of the ADNS library. A
> quick check showed that it is not too much work to add SOCKS5 support
> (to access TOR) and a flag to enable this.
> Unfortunately back then the ADNS author did not liked the use of
> autotools and was not genuinely interested in Windows support.
I'm afraid that my enthusiasm for Windows support is still quite low.
In particular, I definitely don't want to deal with libtool, nor with
> - Check with upstream ADNS whether adding SOCKS5 support and a TOR flag
> would be accepted, develop that, and keep keep the APIs of my
> (Windows) port and upstream in sync.
I would prefer this.
I'm hoping that we can reasonably quickly converge on an appropriate
API for adns. I don't feel I understand the TOR constraints and
architecture well enough to have a good opinion yet.
So I am going to ask some questions which may seem foolish.
> Meanwhile I implemented a Tor mode to my ADNS version:
I'm afraid this commit is very hard to read in your gitweb due to all
the whitespace change noise.
> Do you have an interest to add it to upstream or can we agree on
> a flag value to be used for such a feature? I use this:
I am not opposed to supporting SOCKS. But I don't understand why so
much of this has to be done in adns. Can't SOCKS provide `connect' ?
Is there not some library with the SOCKS protocol client ?
> - adns_if_checkc_freq= 0x0300 /* consistency checks very frequently (slow!) */
> + adns_if_checkc_freq= 0x0300,/* consistency checks very frequently (slow!) */
> + adns_if_tormode= 0x1000 /* route all trafic via TOR. */
Also, I don't understand why it isn't better to use adns_init_strcfg.
Do we want other random utilities, eg command line utilities, to be
able to use the socksified adns ?
And I don't understand why it is a good idea to teach adns about TOR
rather than to have the next-layer-up TOR things know about that.
But perhaps I don't understand how the TOR client software is
structured. If you point me to something where I could do some
reading, I'm happy to read up on it.
More information about the Gnupg-devel