-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tor endpoint for HTTP API #38
Comments
I am starting to work through this one, I'll let you know when I have something that might work & is ready for a review. Just to clarify, the goal here is to have the public & private APIs be running as hidden services with just a boolean flag in the configuration file needed to set it up? |
Hi @tee8z This should only apply to the public API. Indeed, it should be configurable via a flag in the config file. |
I was looking into this issue and have found some possible tor implementations that could be used. IMO the best one for this task is libtor (arti will probably be better but it's not quite mature yet). I will keep looking for some other candidate solutions for a little while. Wanted to know if you guys have any other crates in mind that can better deal with tor. |
For the client side we can use tor-stream, but I believe we won't need it, right? |
I have this code basically ready to go, just need to finish up the unit tests, using the https://crates.io/crates/torut crate as it just communicates with a tor daemon setup on the given server. With the libtor library it adds a dependency to 'openssl' which can make building the project much more difficult and I try to avoid adding that dependency when possible. I agree arti would be best once that is ready to be used. |
Only the clients who are talking to the tower will need to send their requests via Tor? Not sure I follow what you mean there. |
Exciting! |
Nvm that, I got confused. No need to tor_stream. |
I have a PR posted 'Tor endpoint http api', please let me know of any changes you would like me to make! |
At the moment we're offering the service over HTTP/HTTPS. For privacy reasons, it'll be good to allow the HTTP endpoint to be served over Tor. This includes:
The text was updated successfully, but these errors were encountered: