* [PATCH 7/8] net_reader: Net::NNTP --proxy=socks5h:// support
2021-04-30 9:24 7% [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes Eric Wong
@ 2021-04-30 9:24 4% ` Eric Wong
0 siblings, 0 replies; 2+ results
From: Eric Wong @ 2021-04-30 9:24 UTC (permalink / raw)
To: meta
Since Net::NNTP doesn't support Socket or RawSocket
options/accessors like Mail::IMAPClient does; we must perform
localized @ISA manipulation and massage Net::NNTP into using
IO::Socket::Socks rather than IO::Socket::IP.
This is a bit fragile, but Net::Cmd and Net::NNTP rarely change;
and I keep an eye on them, anyways.
---
MANIFEST | 2 ++
lib/PublicInbox/NetNNTPSocks.pm | 33 +++++++++++++++++++++++++++++++++
lib/PublicInbox/NetReader.pm | 12 +++++++++++-
xt/net_nntp_socks.t | 22 ++++++++++++++++++++++
4 files changed, 68 insertions(+), 1 deletion(-)
create mode 100644 lib/PublicInbox/NetNNTPSocks.pm
create mode 100644 xt/net_nntp_socks.t
diff --git a/MANIFEST b/MANIFEST
index 5933ddf4..bc2ad671 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -241,6 +241,7 @@ lib/PublicInbox/NDC_PP.pm
lib/PublicInbox/NNTP.pm
lib/PublicInbox/NNTPD.pm
lib/PublicInbox/NNTPdeflate.pm
+lib/PublicInbox/NetNNTPSocks.pm
lib/PublicInbox/NetReader.pm
lib/PublicInbox/NetWriter.pm
lib/PublicInbox/NewsWWW.pm
@@ -518,6 +519,7 @@ xt/lei-auth-fail.t
xt/mem-imapd-tls.t
xt/mem-msgview.t
xt/msgtime_cmp.t
+xt/net_nntp_socks.t
xt/net_writer-imap.t
xt/nntpd-validate.t
xt/perf-msgview.t
diff --git a/lib/PublicInbox/NetNNTPSocks.pm b/lib/PublicInbox/NetNNTPSocks.pm
new file mode 100644
index 00000000..8495204a
--- /dev/null
+++ b/lib/PublicInbox/NetNNTPSocks.pm
@@ -0,0 +1,33 @@
+# Copyright (C) 2021 all contributors <meta@public-inbox.org>
+# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
+
+# wrap Net::NNTP client with SOCKS support
+package PublicInbox::NetNNTPSocks;
+use strict;
+use v5.10.1;
+use Net::NNTP;
+our %OPT;
+our @ISA = qw(IO::Socket::Socks);
+my @SOCKS_KEYS = qw(ProxyAddr ProxyPort SocksVersion SocksDebug SocksResolve);
+
+# use this instead of Net::NNTP->new if using Proxy*
+sub new_socks {
+ my (undef, %opt) = @_;
+ require IO::Socket::Socks;
+ local @Net::NNTP::ISA = (qw(Net::Cmd), __PACKAGE__);
+ local %OPT = map {;
+ defined($opt{$_}) ? ($_ => $opt{$_}) : ()
+ } @SOCKS_KEYS;
+ Net::NNTP->new(%opt); # this calls our new() below:
+}
+
+# called by Net::NNTP->new
+sub new {
+ my ($self, %opt) = @_;
+ @OPT{qw(ConnectAddr ConnectPort)} = @opt{qw(PeerAddr PeerPort)};
+ my $ret = $self->SUPER::new(%OPT) or
+ die 'SOCKS error: '.eval('$IO::Socket::Socks::SOCKS_ERROR');
+ $ret;
+}
+
+1;
diff --git a/lib/PublicInbox/NetReader.pm b/lib/PublicInbox/NetReader.pm
index ac23e701..b2c4fee2 100644
--- a/lib/PublicInbox/NetReader.pm
+++ b/lib/PublicInbox/NetReader.pm
@@ -116,7 +116,13 @@ sub try_starttls ($) {
sub nn_new ($$$) {
my ($nn_arg, $nntp_opt, $uri) = @_;
- my $nn = Net::NNTP->new(%$nn_arg) or die "E: <$uri> new: $!\n";
+ my $nn;
+ if (defined $nn_arg->{ProxyAddr}) {
+ eval { $nn = PublicInbox::NetNNTPSocks->new_socks(%$nn_arg) };
+ die "E: <$uri> $@\n" if $@;
+ } else {
+ $nn = Net::NNTP->new(%$nn_arg) or die "E: <$uri> new: $!\n";
+ }
# default to using STARTTLS if it's available, but allow
# it to be disabled for localhost/VPN users
@@ -170,6 +176,10 @@ sub nn_for ($$$$) { # nn = Net::NNTP
SSL => $uri->secure, # snews == nntps
%$common, # may Debug ....
};
+ if ($lei && $lei->{socks5h}) {
+ require PublicInbox::NetNNTPSocks;
+ %$nn_arg = (%$nn_arg, %{$lei->{socks5h}});
+ }
my $nn = nn_new($nn_arg, $nntp_opt, $uri);
if ($cred) {
$cred->fill($lei); # may prompt user here
diff --git a/xt/net_nntp_socks.t b/xt/net_nntp_socks.t
new file mode 100644
index 00000000..4a144fd8
--- /dev/null
+++ b/xt/net_nntp_socks.t
@@ -0,0 +1,22 @@
+#!perl -w
+# Copyright (C) 2021 all contributors <meta@public-inbox.org>
+# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
+use v5.12;
+use PublicInbox::TestCommon;
+use URI;
+require_mods 'IO::Socket::Socks';
+use_ok 'PublicInbox::NetNNTPSocks';
+my $url = $ENV{TEST_NNTP_ONION_URL} //
+ 'nntp://czquwvybam4bgbro.onion/inbox.comp.mail.public-inbox.meta';
+my $uri = URI->new($url);
+my $on = PublicInbox::NetNNTPSocks->new_socks(
+ Port => $uri->port,
+ Host => $uri->host,
+ ProxyAddr => '127.0.0.1', # default Tor address + port
+ ProxyPort => 9050,
+) or xbail('err = '.eval('$IO::Socket::Socks::SOCKS_ERROR'));
+my ($nr, $min, $max, $grp) = $on->group($uri->group);
+ok($nr > 0 && $min > 0 && $min < $max, 'nr, min, max make sense') or
+ diag explain([$nr, $min, $max, $grp]);
+is($grp, $uri->group, 'group matches');
+done_testing;
^ permalink raw reply related [relevance 4%]
* [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes
@ 2021-04-30 9:24 7% Eric Wong
2021-04-30 9:24 4% ` [PATCH 7/8] net_reader: Net::NNTP --proxy=socks5h:// support Eric Wong
0 siblings, 1 reply; 2+ results
From: Eric Wong @ 2021-04-30 9:24 UTC (permalink / raw)
To: meta
Attempting to use torsocks(1) for NNTP or IMAP could get tricky.
Fortunately, IO::Socket::Socks is packaged for on CentOS 7,
FreeBSD, and Debian, so it seems to be a reasonable way to
support NNTP and IMAP Tor onions.
--proxy= (shared with curl) is supported for one-off
command-line use, but imap.proxy and nntp.proxy are both
supported along with URL-matching variants with git 1.8.5 (or
git 2.26 for wildcard URL matching).
Only socks5h:// proxies are supported (the default with
IO::Socket::Socks), which is what Tor uses. I doubt its worth
the effort (and potential for DNS request leaks) to support
prior versions of SOCKS in 2021.
Eric Wong (8):
lei sucks: preserve utsname.machine, add "x86" where appropriate
lei_curl: improve correctness of LD_PRELOAD check
lei: kill old PIDs when dropping
lei: ensure autoflush(1) is on STDERR
net_reader: {nn,mic}_for: use prototypes for internal subs
lei: IMAP .onion support via --proxy=s switch
net_reader: Net::NNTP --proxy=socks5h:// support
net_reader: support (imap|nntp).proxy in config file
MANIFEST | 2 +
lib/PublicInbox/Config.pm | 1 +
lib/PublicInbox/LEI.pm | 24 ++++++++---
lib/PublicInbox/LeiCurl.pm | 2 +-
lib/PublicInbox/LeiInput.pm | 2 +-
lib/PublicInbox/LeiSucks.pm | 3 +-
lib/PublicInbox/LeiToMail.pm | 4 +-
lib/PublicInbox/NetNNTPSocks.pm | 33 +++++++++++++++
lib/PublicInbox/NetReader.pm | 72 +++++++++++++++++++++++++++------
xt/net_nntp_socks.t | 22 ++++++++++
10 files changed, 141 insertions(+), 24 deletions(-)
create mode 100644 lib/PublicInbox/NetNNTPSocks.pm
create mode 100644 xt/net_nntp_socks.t
^ permalink raw reply [relevance 7%]
Results 1-2 of 2 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2021-04-30 9:24 7% [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes Eric Wong
2021-04-30 9:24 4% ` [PATCH 7/8] net_reader: Net::NNTP --proxy=socks5h:// support Eric Wong
Code repositories for project(s) associated with this public inbox
https://80x24.org/public-inbox.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).