New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support connecting to IRC via a SOCKS proxy [$15] #143

Open
kylef opened this Issue Mar 19, 2012 · 9 comments

Comments

Projects
None yet
10 participants
@kylef
Member

kylef commented Mar 19, 2012


There is a $5.00 bounty open on this issue at Bountysource

## --- There is a **[$15 open bounty](https://www.bountysource.com/issues/682-support-connecting-to-irc-via-a-socks-proxy?utm_campaign=plugin&utm_content=tracker%2F1759&utm_medium=issues&utm_source=github)** on this issue. Add to the bounty at [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F1759&utm_medium=issues&utm_source=github).
@DarthGandalf

This comment has been minimized.

Member

DarthGandalf commented Mar 19, 2012

HTTP CONNECT can work too....

@ninlilizi

This comment has been minimized.

ninlilizi commented Apr 16, 2012

I'd really <3 this feature too.
Even basic socks4 support would be both grand and simple to implement

@Ramblurr

This comment has been minimized.

Ramblurr commented Jun 6, 2012

This would be incredibly useful. I'd love to be able to use znc over tor or any other arbitrary socks proxy.

@ErebusBat

This comment has been minimized.

ErebusBat commented Jan 29, 2013

FYI this can be easily accomplished using socat by running the following command on the ZNC server, then using 127.0.0.1:4321 as the server in ZNC.

Freenode via TOR:
socat TCP4-LISTEN:4321,fork SOCKS4A:localhost:p4fsi4ockecnea7l.onion:6667,socksport=9050

Assume you just want to use proxy.mycompany.com:8080 as your SOCKS proxy, then the command would be:
socat TCP4-LISTEN:4321,fork SOCKS4A:proxy.mycompany.com:p4fsi4ockecnea7l.onion:6667,socksport=8080

Obviously you can replace the .onion address with another IRC server, or change the port.

@Mikaela

This comment has been minimized.

Contributor

Mikaela commented Dec 4, 2014

Could this optionally be network specific for exampe using tor only at specific networks? The socat has issue of not starting automatically on boot or crash unlike ZNC in crontab.

To my own comment above: What sense would it make connecting to Tor only with one server and not the rest? Your real host would be seen on the other networks anyway and if only your ZNC was using tor, your IP could always be gotten by making you click some link etc.

Updated on 2015-06-12 while also strikethroughing the previous comment.

2018-09-28, this is probably the issue where I have changed my mind the most.

Tor hidden services provide additional encryption in addition to TLS and they cannot be MITMed (or at least not "as easily"). Their development also seems to only going forwards with Tor Hidden Services version 3.

Thus I might like to connect to freenode (and some other network) hidden service, while connecting to a IRCd on my localhost or LAN without Tor and like irl says below, I wouldn't need or want to use Tor with network using CJDNS or DN42.

I guess the main point to my original comment is that there are other reasons to use Tor than hiding IP. I would recommend reading Tor's mode sof anonymity in their TorifyHOWTO

And to end this round of editing, the original issue only requests SOCKS proxy support (I hope it to mean SOCKS5) and that there likely are other use cases for SOCKS proxy other than Tor (usually 127.0.0.1:9050) even with keeping in mind that the connection between ZNC and the proxy is not encrypted.

2018-09-28 -EDIT2: HexChat also has option to "bypass proxy for this server", WeeChat has proxy as server-specific option that may also be set globally, I don't know if those compare to ZNC, but ZNC would not be the only software featuring per-server proxies. I also forgot above that anonymity networks other than Tor also exist such as I2P which might also need a separate proxy (I haven't investigated it, sorry).

@znc-bountysource znc-bountysource changed the title from Support connecting to IRC via a SOCKS proxy [$5] to Support connecting to IRC via a SOCKS proxy [$15] Apr 10, 2015

@Carlgo11

This comment has been minimized.

Carlgo11 commented Apr 10, 2015

Added $10. Please add 😘

@pdostal

This comment has been minimized.

pdostal commented Sep 6, 2016

I'd also like to ask for proxy support in ZNC 👍

@irl

This comment has been minimized.

irl commented Oct 29, 2016

+1

The socat example isn't exactly reliable. In response to @Mikaela, Tor is not the only use case for this. I'd like to use Tor to connect to Freenode and OFTC, but I'd still like to go directly to hackint (via dn42) and another network accessible via cjdns, so this would need to be a per server thing.

Looking at how to implement this (hints to prospective developers, I'm not a C++ dev):

  • ZNC uses the CSocketManager to manage the low-level socket that is the actual connection to the IRC server. It looks like modifications would be required for the Connect() function here to allow for a SOCKS proxy to be specified.
  • When a SOCKS proxy is specified, for the Tor use case at least, it would be necessary to disable DNS resolution and pass the domain name (which may be a hidden service) through the SOCKS proxy.
  • It may be a better idea to provide an alternative function such as ConnectSocks() to implement the acquiring of a socket via SOCKS as you're basically rewriting the whole function.
@Mikaela

This comment has been minimized.

Contributor

Mikaela commented Sep 28, 2018

As it has been so long time since anything was said here, I would like to add this comment to notify that I have changed my mind on #143 (comment) again and added another set of strikethroughs and written the actual comment there.

Unrelatedly the Bountysource integration in the original post is broken.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment