[torsocks] Initial package
Jamie Nguyen
jamielinux at fedoraproject.org
Tue Dec 4 15:52:04 UTC 2012
commit faac7d6e2fda132823311d3882ec02a627900bff
Author: Jamie Nguyen <j at jamielinux.com>
Date: Tue Dec 4 15:51:34 2012 +0000
Initial package
.gitignore | 1 +
sources | 1 +
torsocks-1.2-display-correct-error-message.patch | 65 +++++
torsocks-1.2-symbol-not-found-try-prefix.patch | 102 ++++++++
torsocks-1.2.tar.gz.sig | Bin 0 -> 72 bytes
torsocks.bash_completion | 1 +
torsocks.spec | 89 +++++++
uwt | 280 ++++++++++++++++++++++
8 files changed, 539 insertions(+), 0 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e69de29..c130554 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/torsocks-1.2.tar.gz
diff --git a/sources b/sources
index e69de29..50e8fbf 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+9bdc8786951e7eec6915433f324f22a4 torsocks-1.2.tar.gz
diff --git a/torsocks-1.2-display-correct-error-message.patch b/torsocks-1.2-display-correct-error-message.patch
new file mode 100644
index 0000000..3458106
--- /dev/null
+++ b/torsocks-1.2-display-correct-error-message.patch
@@ -0,0 +1,65 @@
+From: intrigeri <intrigeri at boum.org>
+Date: Mon, 30 Jan 2012 17:55:42 +0100
+Subject: Display correct error message when the wrapped program cannot be
+ found in $PATH.
+
+---
+ src/torsocks.in | 9 ++++++++-
+ src/usewithtor.in | 9 ++++++++-
+ 2 files changed, 16 insertions(+), 2 deletions(-)
+
+diff --git a/src/torsocks.in b/src/torsocks.in
+index 53db2fc..678f854 100755
+--- a/src/torsocks.in
++++ b/src/torsocks.in
+@@ -63,6 +63,11 @@
+ # Tamas Szerb <toma at rulez.org>
+ # Modified by Robert Hogan <robert at roberthogan.net> April 16th 2006
+
++not_found () {
++ echo "ERROR: $1 cannot be found in PATH." >&2
++ exit 1
++}
++
+ set_id () {
+ echo "ERROR: $1 is set${2}id. torsocks will not work on a set${2}id executable." >&2
+ exit 1
+@@ -133,7 +138,9 @@ case "$1" in
+
+ if [ $# -gt 0 ]
+ then
+- if [ -u `which "$1"` ]; then
++ if ! which "$1" >/dev/null 2>&1; then
++ not_found $1
++ elif [ -u `which "$1"` ]; then
+ set_id $1 u
+ elif [ -g `which "$1"` ]; then
+ set_id $1 g
+diff --git a/src/usewithtor.in b/src/usewithtor.in
+index 0a1e42d..e606760 100644
+--- a/src/usewithtor.in
++++ b/src/usewithtor.in
+@@ -42,6 +42,11 @@ usage () {
+ echo "Usage: $0 [-hv] <command> [<options>...]"
+ }
+
++not_found () {
++ echo "ERROR: $1 cannot be found in PATH." >&2
++ exit 1
++}
++
+ set_id () {
+ echo "ERROR: $1 is set${2}id. usewithtor will not work on a set${2}id executable." >&2
+ exit 1
+@@ -68,7 +73,9 @@ while [ "$1" ]; do
+ esac
+ done
+
+-if [ -u `which "$1"` ]; then
++if ! which "$1" >/dev/null 2>&1; then
++ not_found $1
++elif [ -u `which "$1"` ]; then
+ set_id $1 u
+ elif [ -g `which "$1"` ]; then
+ set_id $1 g
+--
diff --git a/torsocks-1.2-symbol-not-found-try-prefix.patch b/torsocks-1.2-symbol-not-found-try-prefix.patch
new file mode 100644
index 0000000..18e6c43
--- /dev/null
+++ b/torsocks-1.2-symbol-not-found-try-prefix.patch
@@ -0,0 +1,102 @@
+From: intrigeri <intrigeri at boum.org>
+Date: Mon, 30 Jan 2012 18:29:47 +0100
+Subject: If a symbol cannot be found, also try by prefixing its name with __.
+
+Rationale: libresolv is considered as a private interface of eglibc.
+Private symbols in there see their names prefixed this way.
+Like it or not, we have to go find them using the names they go by with.
+
+Trying both kind of names maximizes our support of various vendors of the libc
+and various versions of the glibc (FTR, symbols in there where renamed between
+2.0 and 2.3).
+---
+ src/expansion_table.h | 5 -----
+ src/torsocks.c | 20 +++++++++++++-------
+ 2 files changed, 13 insertions(+), 12 deletions(-)
+
+diff --git a/src/expansion_table.h b/src/expansion_table.h
+index e981f5d..14fabe1 100644
+--- a/src/expansion_table.h
++++ b/src/expansion_table.h
+@@ -76,12 +76,7 @@
+ /*RES_FUNC (ERR, int, RES_INIT_, res_init, res_init, "res_init") */
+ RES_FUNC (ERR, int, RES_QUERY_, res_query, res_query, "res_query")
+ RES_FUNC (ERR, int, RES_SEARCH_, res_search, res_search, "res_search")
+-#if defined(__APPLE__) || defined(__darwin__)
+ RES_FUNC (ERR, int, RES_SEND_, res_send, res_send, "res_send")
+-#else
+-/* It is a bit of a mystery why this is required on Linux. See http://code.google.com/p/torsocks/issues/detail?id=3 */
+-RES_FUNC (ERR, int, RES_SEND_, res_send, res_send, "__res_send")
+-#endif
+ RES_FUNC (ERR, int, RES_QUERYDOMAIN_, res_querydomain, res_querydomain, "res_querydomain")
+
+ DNS_FUNC (ERR, struct hostent *, GETHOSTBYNAME_, gethostbyname, gethostbyname, "gethostbyname")
+diff --git a/src/torsocks.c b/src/torsocks.c
+index f559eec..fcd9d95 100644
+--- a/src/torsocks.c
++++ b/src/torsocks.c
+@@ -150,10 +150,11 @@ void torsocks_init(void)
+ dlerror();
+ #ifndef USE_OLD_DLSYM
+ #ifdef SUPPORT_RES_API
+- if ((realres_init = dlsym(RTLD_NEXT, "res_init")) == NULL)
++ if (((realres_init = dlsym(RTLD_NEXT, "res_init")) == NULL) &&
++ ((realres_init = dlsym(RTLD_NEXT, "__res_init")) == NULL))
+ LOAD_ERROR("res_init", MSGERR);
+ #endif
+- #define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) if ((real##n = dlsym(RTLD_NEXT, m)) == NULL) LOAD_ERROR(m, MSG##e);
++ #define PATCH_TABLE_EXPANSION(e,r,s,n,b,m) if (((real##n = dlsym(RTLD_NEXT, m)) == NULL) && ((real##n = dlsym(RTLD_NEXT, "__" m)) == NULL)) LOAD_ERROR(m, MSG##e);
+ #include "expansion_table.h"
+ #undef PATCH_TABLE_EXPANSION
+ #else
+@@ -856,7 +857,8 @@ int res_init(void)
+ {
+ int rc;
+
+- if (!realres_init && ((realres_init = dlsym(RTLD_NEXT, "res_init")) == NULL))
++ if (!realres_init && ((realres_init = dlsym(RTLD_NEXT, "res_init")) == NULL) &&
++ ((realres_init = dlsym(RTLD_NEXT, "__res_init")) == NULL))
+ LOAD_ERROR("res_init", MSGERR);
+
+ show_msg(MSGTEST, "Got res_init request\n");
+@@ -877,7 +879,8 @@ int EXPAND_GUTS_NAME(res_query)(RES_QUERY_SIGNATURE, int (*original_res_query)(R
+ {
+ int rc;
+
+- if (!original_res_query && ((original_res_query = dlsym(RTLD_NEXT, "res_query")) == NULL))
++ if (!original_res_query && ((original_res_query = dlsym(RTLD_NEXT, "res_query")) == NULL) &&
++ ((original_res_query = dlsym(RTLD_NEXT, "__res_query")) == NULL))
+ LOAD_ERROR("res_query", MSGERR);
+
+ show_msg(MSGTEST, "Got res_query request\n");
+@@ -903,7 +906,8 @@ int EXPAND_GUTS_NAME(res_querydomain)(RES_QUERYDOMAIN_SIGNATURE, int (*original_
+ int rc;
+
+ if (!original_res_querydomain &&
+- ((original_res_querydomain = dlsym(RTLD_NEXT, "res_querydomain")) == NULL))
++ ((original_res_querydomain = dlsym(RTLD_NEXT, "res_querydomain")) == NULL) &&
++ ((original_res_querydomain = dlsym(RTLD_NEXT, "__res_querydomain")) == NULL))
+ LOAD_ERROR("res_querydoimain", MSGERR);
+
+ show_msg(MSGDEBUG, "Got res_querydomain request\n");
+@@ -929,7 +933,8 @@ int EXPAND_GUTS_NAME(res_search)(RES_SEARCH_SIGNATURE, int (*original_res_search
+ int rc;
+
+ if (!original_res_search &&
+- ((original_res_search = dlsym(RTLD_NEXT, "res_search")) == NULL))
++ ((original_res_search = dlsym(RTLD_NEXT, "res_search")) == NULL) &&
++ ((original_res_search = dlsym(RTLD_NEXT, "__res_search")) == NULL))
+ LOAD_ERROR("res_search", MSGERR);
+
+ show_msg(MSGTEST, "Got res_search request\n");
+@@ -954,7 +959,8 @@ int EXPAND_GUTS_NAME(res_send)(RES_SEND_SIGNATURE, int (*original_res_send)(RES_
+ {
+ int rc;
+
+- if (!original_res_send && ((original_res_send = dlsym(RTLD_NEXT, "res_send")) == NULL))
++ if (!original_res_send && ((original_res_send = dlsym(RTLD_NEXT, "res_send")) == NULL)
++ && ((original_res_send = dlsym(RTLD_NEXT, "__res_send")) == NULL))
+ LOAD_ERROR("res_send", MSGERR);
+
+ show_msg(MSGTEST, "Got res_send request\n");
+--
diff --git a/torsocks-1.2.tar.gz.sig b/torsocks-1.2.tar.gz.sig
new file mode 100644
index 0000000..199afe3
Binary files /dev/null and b/torsocks-1.2.tar.gz.sig differ
diff --git a/torsocks.bash_completion b/torsocks.bash_completion
new file mode 100644
index 0000000..365c906
--- /dev/null
+++ b/torsocks.bash_completion
@@ -0,0 +1 @@
+complete -F _command torsocks
diff --git a/torsocks.spec b/torsocks.spec
new file mode 100644
index 0000000..6a1473e
--- /dev/null
+++ b/torsocks.spec
@@ -0,0 +1,89 @@
+Name: torsocks
+Version: 1.2
+Release: 2%{?dist}
+
+Summary: Use SOCKS-friendly applications with Tor
+Group: Applications/Internet
+# COPYING file has incorrect FSF address
+# https://code.google.com/p/torsocks/issues/detail?id=51
+License: GPLv2+
+URL: https://code.google.com/p/torsocks
+
+Source0: https://torsocks.googlecode.com/files/%{name}-%{version}.tar.gz
+Source1: https://torsocks.googlecode.com/files/%{name}-%{version}.tar.gz.sig
+Source2: https://raw.github.com/adrelanos/Whonix/master/whonix_shared/usr/local/bin/uwt
+Source3: torsocks.bash_completion
+# https://code.google.com/p/torsocks/issues/detail?id=50
+Patch0: torsocks-1.2-display-correct-error-message.patch
+# https://code.google.com/p/torsocks/issues/detail?id=3
+Patch1: torsocks-1.2-symbol-not-found-try-prefix.patch
+
+%description
+Torsocks allows you to use most SOCKS-friendly applications in a safe way
+with Tor. It ensures that DNS requests are handled safely and explicitly
+rejects UDP traffic from the application you're using.
+
+
+%prep
+%setup -q
+%patch0 -p1
+%patch1 -p1
+
+
+%build
+%configure --libdir=%{_libdir}
+make %{?_smp_mflags}
+
+
+%install
+make install DESTDIR=%{buildroot}
+
+# Remove extraneous files.
+rm -f %{buildroot}%{_libdir}/torsocks/libtorsocks.{a,la}*
+rm -f %{buildroot}%{_datadir}/DEBUG
+rm -f %{buildroot}%{_datadir}/README*
+rm -f %{buildroot}%{_datadir}/SOCKS*
+rm -f %{buildroot}%{_datadir}/*.sh
+rm -f %{buildroot}%{_datadir}/*.txt
+rm -f %{buildroot}%{_datadir}/*.patch
+
+# Fix hardcoded library path.
+sed -i -e 's|^LIBDIR=.*|LIBDIR="%{_libdir}/torsocks"|g' \
+ %{buildroot}%{_bindir}/torsocks
+
+# Include modified usewithtor to support setting proxy type, ip and port using
+# cli parameters to prevent identity correlation through circuit sharing.
+install -p -D -m 0755 %{SOURCE2} %{buildroot}%{_bindir}/uwt
+
+# For bash completion.
+install -p -D -m 0644 %{SOURCE3} \
+ %{buildroot}%{_sysconfdir}/bash_completion.d/torsocks
+
+
+%files
+%doc ChangeLog COPYING README
+%{_bindir}/torsocks
+%{_bindir}/usewithtor
+%{_bindir}/uwt
+%{_mandir}/man1/torsocks.1.*
+%{_mandir}/man1/usewithtor.1.*
+%{_mandir}/man5/torsocks.conf.5.*
+%{_mandir}/man8/torsocks.8.*
+%dir %{_libdir}/torsocks
+# torsocks requires this file so it has not been placed in -devel subpackage
+%{_libdir}/torsocks/libtorsocks.so
+%{_libdir}/torsocks/libtorsocks.so.1*
+%config(noreplace) %{_sysconfdir}/bash_completion.d/torsocks
+%config(noreplace) %{_sysconfdir}/torsocks.conf
+
+
+%changelog
+* Fri Nov 23 2012 Jamie Nguyen <jamielinux at fedoraproject.org> - 1.2-2
+- add .sig file
+- add links to upstream bug reports
+- merge -devel package as torsocks requires libtorsocks.so
+- fix directory ownership
+- mark bash_completion file as a config file
+
+* Sat Nov 17 2012 Jamie Nguyen <jamielinux at fedoraproject.org> - 1.2-1
+- initial package
diff --git a/uwt b/uwt
new file mode 100644
index 0000000..9233bb3
--- /dev/null
+++ b/uwt
@@ -0,0 +1,280 @@
+#!/bin/bash
+
+## Update 18
+
+## https://trac.torproject.org/projects/tor/wiki/doc/torsocks
+
+## ***************************************************************************
+## * *
+## * Copyright (C) 2008-2011 Robert Hogan <robert at roberthogan.net> *
+## * *
+## * This program is free software; you can redistribute it and/or modify *
+## * it under the terms of the GNU General Public License as published by *
+## * the Free Software Foundation; either version 2 of the License, or *
+## * (at your option) any later version. *
+## * *
+## * This program is distributed in the hope that it will be useful, *
+## * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+## * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+## * GNU General Public License for more details. *
+## * *
+## * You should have received a copy of the GNU General Public License *
+## * along with this program; if not, write to the *
+## * Free Software Foundation, Inc., *
+## * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+## ***************************************************************************
+## * *
+## * This is a modified version of a source file from the Tor project. *
+## * Original copyright notice from tsocks source file follows: *
+## ***************************************************************************
+
+## Wrapper script for use of the tsocks(8) transparent socksification library
+## See the tsocks(1) and torify(1) manpages.
+
+## Copyright (c) 2004, 2006 Peter Palfrader
+## Modified by Jacob Appelbaum <jacob at appelbaum.net> April 16th 2006
+## Modified by Marcus Griep <marcus at griep.us> June 16 2009
+## May be distributed under the same terms as Tor itself
+## Modified by adrelanos (aka proper)
+## Modifications copyright (c) 2012
+## Whonix license: See LICENSE in root of Whonix source for copyright, license and authors.
+
+## Note:
+## -v (verbose) and the UWT_VERBOSE environment variable set to 1
+## will break many graphical applications, which use applications,
+## which will call applications, which we wrapped to use uwt.
+
+## You can also type in shell:
+## export UWT_VERBOSE="1"
+## to enable verbose output.
+
+## UWT_DEV_PASSTHROUGH is only supported in Whonix.
+## Only supposed to be used by developers.
+## Torsocks will not be used.
+## Traffic will be send in the clear.
+## Thus, if behind a transparent proxy, traffic will go through that transparent proxy.
+## Just as uwt would not be used.
+## This is useful for development and building Whonix.
+# export UWT_DEV_PASSTHROUGH="1"
+
+## Note:
+## When running applications as root, you also have to set and
+## export that variable as root.
+
+NAME=$(basename $0)
+
+## Define and ensure we have tsocks
+## XXX: what if we do not have which?
+TORSOCKS="`which torsocks`"
+
+if [ -z "$UWT_VERBOSE" ]; then
+ #echo "UWT_VERBOSE: did not exist."
+ UWT_VERBOSE="0"
+else
+ if [ "$UWT_VERBOSE" = "1" ]; then
+ set -x
+ fi
+fi
+#echo "UWT_VERBOSE: $UWT_VERBOSE"
+
+if [ -z "$UWT_DEV_PASSTHROUGH" ]; then
+ #echo "UWT_DEV_PASSTHROUGH: did not exist."
+ UWT_DEV_PASSTHROUGH="0"
+fi
+
+usage () {
+ echo "Usage: $NAME [-h] [-v] -t server_type -i ip -p port <command> [<options>...]"
+ echo "Example: $NAME -t 5 -i 127.0.0.1 -p 9050 wget https://check.torproject.org"
+ echo " sudo $NAME -t 5 -i 192.168.0.10 -p 9104 /usr/bin/apt-get --yes dist-upgrade"
+}
+
+set_id () {
+ echo "ERROR: $1 is set${2}id. usewithtor will not work on a set${2}id executable." >&2
+ exit 1
+}
+
+## Check for any argument list
+if [ "$#" = 0 ]; then
+ usage >&2
+ exit 1
+fi
+
+while [ -n "$1" ]; do
+ case "$1" in
+ -h)
+ usage
+ exit 0
+ ;;
+ -v)
+ set -x
+ UWT_VERBOSE="1"
+ ;;
+ -i)
+ ip="$2"
+ shift
+ ;;
+ -p)
+ port="$2"
+ shift
+ ;;
+ -t)
+ server_type="$2"
+ shift
+ ;;
+ *)
+ command="`which $1`"
+ ## From now on the complete to-be wrapped command + its args
+ ## are stored in $@, which will expand like we want it for
+ ## handling quoted arguments with whitespaces in it, etc.
+ break
+ esac
+ shift
+done
+
+if [ -z "$ip" ]; then
+ echo "ERROR: ip (-i) missing." >&2
+ exit 1
+fi
+
+if [ -z "$port" ]; then
+ echo "ERROR: port (-p) missing." >&2
+ exit 1
+fi
+
+if [ -z "$server_type" ]; then
+ echo "ERROR: server type (-t) missing." >&2
+ exit 1
+fi
+
+if [ -z "$command" ]; then
+ echo "ERROR: command is missing." >&2
+ exit 1
+fi
+
+if [ "$UWT_VERBOSE" = "1" ]; then
+ echo "uwt command: \"$@\""
+fi
+
+if [ ! -x "$command" ]; then
+ echo "UWT ERROR: $1 is not an executable." >&2
+ exit 1
+elif [ -u "$command" ]; then
+ set_id $1 u
+elif [ -g "$command" ]; then
+ set_id $1 g
+fi
+
+if [ ! -x "$TORSOCKS" ]; then
+ echo "$NAME: Unable to find torsocks in PATH." >&2
+ echo " Perhaps you have not installed it?" >&2
+ exit 1
+fi
+
+if [ "$UWT_VERBOSE" = "1" ]; then
+ echo "We are armed with the following torsocks: $TORSOCKS"
+fi
+
+## Define our torsocks config file.
+TORSOCKS_CONF_FILE="`mktemp`"
+export TORSOCKS_CONF_FILE
+#echo "TORSOCKS_CONF_FILE: $TORSOCKS_CONF_FILE"
+
+## Fix permissions.
+## This fixes a bug.
+## Unpacking flashplugin-nonfree (from .../flashplugin-nonfree_1%3a2.8.5_i386.deb) ...
+## Processing triggers for man-db ...
+## libtorsocks(18790): Could not open socks configuration file (/tmp/tmp.pKSaitLYTN) errno (13), assuming sensible defaults for Tor.
+chmod g+r "$TORSOCKS_CONF_FILE"
+chmod o+r "$TORSOCKS_CONF_FILE"
+
+echo "
+ ## Temporary torsocks configuration file created by uwt.
+ ## Safe to delete.
+ local = 127.0.0.0/255.128.0.0
+ local = 127.128.0.0/255.192.0.0
+ local = 169.254.0.0/255.255.0.0
+ local = 172.16.0.0/255.240.0.0
+ local = 192.168.0.0/255.255.0.0
+ server = $ip
+ server_type = $server_type
+ server_port = $port
+" > "$TORSOCKS_CONF_FILE"
+
+## Check that we have got a torsocks config file
+if [ ! -r "$TORSOCKS_CONF_FILE" ]; then
+ ## Since identity corelation through circuit sharing is at risk,
+ ## we should no longer let torsocks default to 9050.
+ echo "$NAME: Missing torsocks configuration file \"$TORSOCKS_CONF_FILE\."
+ exit 1
+fi
+
+if [ "$UWT_VERBOSE" = "1" ]; then
+ echo "uwt"
+ echo "ip: $ip port: $port"
+fi
+
+UWT_LOCALHOST="0"
+
+#echo "uwt: $ *: $*"
+case "$*" in
+ *127.0.0.1*)
+ UWT_LOCALHOST="1"
+ ;;
+ *localhost*)
+ UWT_LOCALHOST="1"
+ ;;
+ *)
+ ## do nothing
+ true
+ ;;
+esac
+
+if [ "$UWT_DEV_PASSTHROUGH" = "1" ]; then
+
+ if [ "$UWT_VERBOSE" = "1" ]; then
+ echo "uwt: UWT_DEV_PASSTHROUGH detected."
+ echo "exec torsocks \"$@\""
+ fi
+
+ if [ ! -f "/usr/local/share/whonix/whonix_workstation" ] && \
+ [ ! -f "/usr/local/share/whonix/whonix_gateway" ]; then
+ echo "UWT_DEV_PASSTHROUGH is only supported in Whonix." >&2
+ exit 1
+ fi
+
+ ## Safe in Whonix.
+ exec "$@"
+
+ exitcode="$?"
+ exit "$exitcode"
+fi
+
+if [ "$UWT_LOCALHOST" = "1" ]; then
+
+ if [ "$UWT_VERBOSE" = "1" ]; then
+ echo "uwt: localhost detected."
+ echo "exec torsocks \"$@\""
+ fi
+
+ if [ ! -f "/usr/local/share/whonix/whonix_workstation" ] && \
+ [ ! -f "/usr/local/share/whonix/whonix_gateway" ]; then
+ echo "uwt will not work for localhost connections." >&2
+ exit 1
+ fi
+
+ ## Safe in Whonix.
+ exec "$@"
+
+else
+
+ if [ "$UWT_VERBOSE" = "1" ]; then
+ echo "uwt: localhost not detected. Using torsocks."
+ echo "exec torsocks \"$@\""
+ #echo "exec torsocks $command"
+ fi
+
+ exec torsocks "$@"
+
+fi
+
+## End of uwt script.
More information about the scm-commits
mailing list