"net_reader: Net::NNTP --proxy=socks5h:// support"

user/dev discussion of public-inbox itself
 help / color / mirror / code / Atom feed

Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download mbox.gz: |

* [PATCH 7/8] net_reader: Net::NNTP --proxy=socks5h:// support
  2021-04-30  9:24  7% [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes Eric Wong
@ 2021-04-30  9:24  4% ` Eric Wong
  0 siblings, 0 replies; 2+ results
From: Eric Wong @ 2021-04-30  9:24 UTC (permalink / raw)
  To: meta

Since Net::NNTP doesn't support Socket or RawSocket
options/accessors like Mail::IMAPClient does; we must perform
localized @ISA manipulation and massage Net::NNTP into using
IO::Socket::Socks rather than IO::Socket::IP.

This is a bit fragile, but Net::Cmd and Net::NNTP rarely change;
and I keep an eye on them, anyways.
---
 MANIFEST                        |  2 ++
 lib/PublicInbox/NetNNTPSocks.pm | 33 +++++++++++++++++++++++++++++++++
 lib/PublicInbox/NetReader.pm    | 12 +++++++++++-
 xt/net_nntp_socks.t             | 22 ++++++++++++++++++++++
 4 files changed, 68 insertions(+), 1 deletion(-)
 create mode 100644 lib/PublicInbox/NetNNTPSocks.pm
 create mode 100644 xt/net_nntp_socks.t

diff --git a/MANIFEST b/MANIFEST
index 5933ddf4..bc2ad671 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -241,6 +241,7 @@ lib/PublicInbox/NDC_PP.pm
 lib/PublicInbox/NNTP.pm
 lib/PublicInbox/NNTPD.pm
 lib/PublicInbox/NNTPdeflate.pm
+lib/PublicInbox/NetNNTPSocks.pm
 lib/PublicInbox/NetReader.pm
 lib/PublicInbox/NetWriter.pm
 lib/PublicInbox/NewsWWW.pm
@@ -518,6 +519,7 @@ xt/lei-auth-fail.t
 xt/mem-imapd-tls.t
 xt/mem-msgview.t
 xt/msgtime_cmp.t
+xt/net_nntp_socks.t
 xt/net_writer-imap.t
 xt/nntpd-validate.t
 xt/perf-msgview.t
diff --git a/lib/PublicInbox/NetNNTPSocks.pm b/lib/PublicInbox/NetNNTPSocks.pm
new file mode 100644
index 00000000..8495204a
--- /dev/null
+++ b/lib/PublicInbox/NetNNTPSocks.pm
@@ -0,0 +1,33 @@
+# Copyright (C) 2021 all contributors <meta@public-inbox.org>
+# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
+
+# wrap Net::NNTP client with SOCKS support
+package PublicInbox::NetNNTPSocks;
+use strict;
+use v5.10.1;
+use Net::NNTP;
+our %OPT;
+our @ISA = qw(IO::Socket::Socks);
+my @SOCKS_KEYS = qw(ProxyAddr ProxyPort SocksVersion SocksDebug SocksResolve);
+
+# use this instead of Net::NNTP->new if using Proxy*
+sub new_socks {
+	my (undef, %opt) = @_;
+	require IO::Socket::Socks;
+	local @Net::NNTP::ISA = (qw(Net::Cmd), __PACKAGE__);
+	local %OPT = map {;
+		defined($opt{$_}) ? ($_ => $opt{$_}) : ()
+	} @SOCKS_KEYS;
+	Net::NNTP->new(%opt); # this calls our new() below:
+}
+
+# called by Net::NNTP->new
+sub new {
+	my ($self, %opt) = @_;
+	@OPT{qw(ConnectAddr ConnectPort)} = @opt{qw(PeerAddr PeerPort)};
+	my $ret = $self->SUPER::new(%OPT) or
+		die 'SOCKS error: '.eval('$IO::Socket::Socks::SOCKS_ERROR');
+	$ret;
+}
+
+1;
diff --git a/lib/PublicInbox/NetReader.pm b/lib/PublicInbox/NetReader.pm
index ac23e701..b2c4fee2 100644
--- a/lib/PublicInbox/NetReader.pm
+++ b/lib/PublicInbox/NetReader.pm
@@ -116,7 +116,13 @@ sub try_starttls ($) {
 
 sub nn_new ($$$) {
 	my ($nn_arg, $nntp_opt, $uri) = @_;
-	my $nn = Net::NNTP->new(%$nn_arg) or die "E: <$uri> new: $!\n";
+	my $nn;
+	if (defined $nn_arg->{ProxyAddr}) {
+		eval { $nn = PublicInbox::NetNNTPSocks->new_socks(%$nn_arg) };
+		die "E: <$uri> $@\n" if $@;
+	} else {
+		$nn = Net::NNTP->new(%$nn_arg) or die "E: <$uri> new: $!\n";
+	}
 
 	# default to using STARTTLS if it's available, but allow
 	# it to be disabled for localhost/VPN users
@@ -170,6 +176,10 @@ sub nn_for ($$$$) { # nn = Net::NNTP
 		SSL => $uri->secure, # snews == nntps
 		%$common, # may Debug ....
 	};
+	if ($lei && $lei->{socks5h}) {
+		require PublicInbox::NetNNTPSocks;
+		%$nn_arg = (%$nn_arg, %{$lei->{socks5h}});
+	}
 	my $nn = nn_new($nn_arg, $nntp_opt, $uri);
 	if ($cred) {
 		$cred->fill($lei); # may prompt user here
diff --git a/xt/net_nntp_socks.t b/xt/net_nntp_socks.t
new file mode 100644
index 00000000..4a144fd8
--- /dev/null
+++ b/xt/net_nntp_socks.t
@@ -0,0 +1,22 @@
+#!perl -w
+# Copyright (C) 2021 all contributors <meta@public-inbox.org>
+# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
+use v5.12;
+use PublicInbox::TestCommon;
+use URI;
+require_mods 'IO::Socket::Socks';
+use_ok 'PublicInbox::NetNNTPSocks';
+my $url = $ENV{TEST_NNTP_ONION_URL} //
+	'nntp://czquwvybam4bgbro.onion/inbox.comp.mail.public-inbox.meta';
+my $uri = URI->new($url);
+my $on = PublicInbox::NetNNTPSocks->new_socks(
+	Port => $uri->port,
+	Host => $uri->host,
+	ProxyAddr => '127.0.0.1', # default Tor address + port
+	ProxyPort => 9050,
+) or xbail('err = '.eval('$IO::Socket::Socks::SOCKS_ERROR'));
+my ($nr, $min, $max, $grp) = $on->group($uri->group);
+ok($nr > 0 && $min > 0 && $min < $max, 'nr, min, max make sense') or
+	diag explain([$nr, $min, $max, $grp]);
+is($grp, $uri->group, 'group matches');
+done_testing;

^ permalink raw reply related	[relevance 4%]

* [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes
@ 2021-04-30  9:24  7% Eric Wong
  2021-04-30  9:24  4% ` [PATCH 7/8] net_reader: Net::NNTP --proxy=socks5h:// support Eric Wong
  0 siblings, 1 reply; 2+ results
From: Eric Wong @ 2021-04-30  9:24 UTC (permalink / raw)
  To: meta

Attempting to use torsocks(1) for NNTP or IMAP could get tricky.
Fortunately, IO::Socket::Socks is packaged for on CentOS 7,
FreeBSD, and Debian, so it seems to be a reasonable way to
support NNTP and IMAP Tor onions.

--proxy= (shared with curl) is supported for one-off
command-line use, but imap.proxy and nntp.proxy are both
supported along with URL-matching variants with git 1.8.5 (or
git 2.26 for wildcard URL matching).

Only socks5h:// proxies are supported (the default with
IO::Socket::Socks), which is what Tor uses.  I doubt its worth
the effort (and potential for DNS request leaks) to support
prior versions of SOCKS in 2021.

Eric Wong (8):
  lei sucks: preserve utsname.machine, add "x86" where appropriate
  lei_curl: improve correctness of LD_PRELOAD check
  lei: kill old PIDs when dropping
  lei: ensure autoflush(1) is on STDERR
  net_reader: {nn,mic}_for: use prototypes for internal subs
  lei: IMAP .onion support via --proxy=s switch
  net_reader: Net::NNTP --proxy=socks5h:// support
  net_reader: support (imap|nntp).proxy in config file

 MANIFEST                        |  2 +
 lib/PublicInbox/Config.pm       |  1 +
 lib/PublicInbox/LEI.pm          | 24 ++++++++---
 lib/PublicInbox/LeiCurl.pm      |  2 +-
 lib/PublicInbox/LeiInput.pm     |  2 +-
 lib/PublicInbox/LeiSucks.pm     |  3 +-
 lib/PublicInbox/LeiToMail.pm    |  4 +-
 lib/PublicInbox/NetNNTPSocks.pm | 33 +++++++++++++++
 lib/PublicInbox/NetReader.pm    | 72 +++++++++++++++++++++++++++------
 xt/net_nntp_socks.t             | 22 ++++++++++
 10 files changed, 141 insertions(+), 24 deletions(-)
 create mode 100644 lib/PublicInbox/NetNNTPSocks.pm
 create mode 100644 xt/net_nntp_socks.t

^ permalink raw reply	[relevance 7%]

Results 1-2 of 2 | reverse | options above

-- pct% links below jump to the message on this page, permalinks otherwise --
2021-04-30  9:24  7% [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes Eric Wong
2021-04-30  9:24  4% ` [PATCH 7/8] net_reader: Net::NNTP --proxy=socks5h:// support Eric Wong
Code repositories for project(s) associated with this public inbox

	https://80x24.org/public-inbox.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).