New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DNF plugin that automatically use tor #52

Merged
merged 3 commits into from Sep 9, 2016

Conversation

Projects
None yet
3 participants
@mscherer
Contributor

mscherer commented Feb 14, 2016

This plugin will make sure that tor is enabled for packages
downloads and will verify that tor is working before doing
anything, in order to make sure nothing is leaking by error.

It also configure each connexion to go over a different tor
circuit, to make correlation harder.

This is the first time I wrote a dnf plugin, so I likely forgot something, and would like to get a review before merging. I am not sure if I should include PO update in the PR, so I left them out.

@ignatenkobrain

This comment has been minimized.

Show comment
Hide comment
@ignatenkobrain

ignatenkobrain Feb 14, 2016

Member

I would like to avoid pycurl. What about requests? In worst case use urllib.

Use dnf built-in ini parser (see one of plugins with config here).

Please also update spec file with new plugin if possible. Others looks good.

Member

ignatenkobrain commented Feb 14, 2016

I would like to avoid pycurl. What about requests? In worst case use urllib.

Use dnf built-in ini parser (see one of plugins with config here).

Please also update spec file with new plugin if possible. Others looks good.

@ignatenkobrain

This comment has been minimized.

Show comment
Hide comment
@ignatenkobrain

ignatenkobrain Feb 14, 2016

Member

Ah, you are not using iniparser, so drop import.

Member

ignatenkobrain commented Feb 14, 2016

Ah, you are not using iniparser, so drop import.

@mscherer

This comment has been minimized.

Show comment
Hide comment
@mscherer

mscherer Feb 27, 2016

Contributor

So, seems requests do not support sock5h proxy, because urllib3 do support only http and https proxy. So I think pycurl is unavoidable for that use case.

Contributor

mscherer commented Feb 27, 2016

So, seems requests do not support sock5h proxy, because urllib3 do support only http and https proxy. So I think pycurl is unavoidable for that use case.

@mscherer

This comment has been minimized.

Show comment
Hide comment
@mscherer

mscherer Mar 18, 2016

Contributor

So, I check others plugins (like local) and they also import iniparser for ini.Error. Is there a alternative to that ?

Contributor

mscherer commented Mar 18, 2016

So, I check others plugins (like local) and they also import iniparser for ini.Error. Is there a alternative to that ?

@irl

This comment has been minimized.

Show comment
Hide comment
@irl

irl Apr 5, 2016

Registering my interest in this, happy to help with testing across a few servers.

@mscherer Send me a mail if you'd be interested in me doing some testing, irl@fedoraproject.org

irl commented Apr 5, 2016

Registering my interest in this, happy to help with testing across a few servers.

@mscherer Send me a mail if you'd be interested in me doing some testing, irl@fedoraproject.org

@mscherer

This comment has been minimized.

Show comment
Hide comment
@mscherer

mscherer Apr 5, 2016

Contributor

I am ok with people doing a test, yes. Copying the 2 files at the right location is all that is needed.

Contributor

mscherer commented Apr 5, 2016

I am ok with people doing a test, yes. Copying the 2 files at the right location is all that is needed.

@mscherer

This comment has been minimized.

Show comment
Hide comment
@mscherer

mscherer Apr 14, 2016

Contributor

So, just as a note to myself, dnf also use this plugin when doing a system upgrade, and it fail since tor is not running in the limited environment where it is running.
I didn't found yet a good solution to the problem, but I want to record it for later.

Contributor

mscherer commented Apr 14, 2016

So, just as a note to myself, dnf also use this plugin when doing a system upgrade, and it fail since tor is not running in the limited environment where it is running.
I didn't found yet a good solution to the problem, but I want to record it for later.

mscherer added some commits Jan 17, 2016

DNF plugin that automatically use tor
This plugin will make sure that tor is enabled for packages
downloads and will verify that tor is working before doing
anything, in order to make sure nothing is leaking by error.

It also configure each connexion to go over a different tor
circuit, to make correlation harder.
Do not abort if tor cannot be contacted, just log a warning
Since tor not working mean that the socks proxy would fail,
we do not need to fail ourself.

However, one case where this would cause trouble is if someone
replace the tor process by something else, but I will
assume that anonimity would be compromissed already since a long
time if that happen.

It was found that this prevent dnf system-upgrade from working, since
tor is not running when doing the package upgrade after the reboot.

@ignatenkobrain ignatenkobrain merged commit ceaf2d6 into rpm-software-management:master Sep 9, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment