* [PATCH 2/8] lei_curl: improve correctness of LD_PRELOAD check
2021-04-30 9:24 5% [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes Eric Wong
@ 2021-04-30 9:24 7% ` Eric Wong
0 siblings, 0 replies; 2+ results
From: Eric Wong @ 2021-04-30 9:24 UTC (permalink / raw)
To: meta
LD_PRELOAD sent by a client can't affect lei-daemon.
---
lib/PublicInbox/Config.pm | 1 +
lib/PublicInbox/LeiCurl.pm | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/PublicInbox/Config.pm b/lib/PublicInbox/Config.pm
index 016f50ec..3f0f5a01 100644
--- a/lib/PublicInbox/Config.pm
+++ b/lib/PublicInbox/Config.pm
@@ -12,6 +12,7 @@ use strict;
use v5.10.1;
use PublicInbox::Inbox;
use PublicInbox::Spawn qw(popen_rd);
+our $LD_PRELOAD = $ENV{LD_PRELOAD}; # only valid at startup
sub _array ($) { ref($_[0]) eq 'ARRAY' ? $_[0] : [ $_[0] ] }
diff --git a/lib/PublicInbox/LeiCurl.pm b/lib/PublicInbox/LeiCurl.pm
index 69c64cdf..ce57e796 100644
--- a/lib/PublicInbox/LeiCurl.pm
+++ b/lib/PublicInbox/LeiCurl.pm
@@ -55,7 +55,7 @@ sub torsocks { # useful for "git clone" and "git fetch", too
$opt->{torsocks} = 'false' if $opt->{'no-torsocks'};
my $torsocks = $opt->{torsocks} //= 'auto';
if ($torsocks eq 'auto' && substr($uri->host, -6) eq '.onion' &&
- (($lei->{env}->{LD_PRELOAD}//'') !~ /torsocks/)) {
+ ($PublicInbox::Config::LD_PRELOAD//'') !~ m!/libtorsocks\b!) {
# "auto" continues anyways if torsocks is missing;
# a proxy may be specified via CLI, curlrc,
# environment variable, or even firewall rule
^ permalink raw reply related [relevance 7%]
* [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes
@ 2021-04-30 9:24 5% Eric Wong
2021-04-30 9:24 7% ` [PATCH 2/8] lei_curl: improve correctness of LD_PRELOAD check Eric Wong
0 siblings, 1 reply; 2+ results
From: Eric Wong @ 2021-04-30 9:24 UTC (permalink / raw)
To: meta
Attempting to use torsocks(1) for NNTP or IMAP could get tricky.
Fortunately, IO::Socket::Socks is packaged for on CentOS 7,
FreeBSD, and Debian, so it seems to be a reasonable way to
support NNTP and IMAP Tor onions.
--proxy= (shared with curl) is supported for one-off
command-line use, but imap.proxy and nntp.proxy are both
supported along with URL-matching variants with git 1.8.5 (or
git 2.26 for wildcard URL matching).
Only socks5h:// proxies are supported (the default with
IO::Socket::Socks), which is what Tor uses. I doubt its worth
the effort (and potential for DNS request leaks) to support
prior versions of SOCKS in 2021.
Eric Wong (8):
lei sucks: preserve utsname.machine, add "x86" where appropriate
lei_curl: improve correctness of LD_PRELOAD check
lei: kill old PIDs when dropping
lei: ensure autoflush(1) is on STDERR
net_reader: {nn,mic}_for: use prototypes for internal subs
lei: IMAP .onion support via --proxy=s switch
net_reader: Net::NNTP --proxy=socks5h:// support
net_reader: support (imap|nntp).proxy in config file
MANIFEST | 2 +
lib/PublicInbox/Config.pm | 1 +
lib/PublicInbox/LEI.pm | 24 ++++++++---
lib/PublicInbox/LeiCurl.pm | 2 +-
lib/PublicInbox/LeiInput.pm | 2 +-
lib/PublicInbox/LeiSucks.pm | 3 +-
lib/PublicInbox/LeiToMail.pm | 4 +-
lib/PublicInbox/NetNNTPSocks.pm | 33 +++++++++++++++
lib/PublicInbox/NetReader.pm | 72 +++++++++++++++++++++++++++------
xt/net_nntp_socks.t | 22 ++++++++++
10 files changed, 141 insertions(+), 24 deletions(-)
create mode 100644 lib/PublicInbox/NetNNTPSocks.pm
create mode 100644 xt/net_nntp_socks.t
^ permalink raw reply [relevance 5%]
Results 1-2 of 2 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2021-04-30 9:24 5% [PATCH 0/8] lei NNTP/IMAP .onion support and misc fixes Eric Wong
2021-04-30 9:24 7% ` [PATCH 2/8] lei_curl: improve correctness of LD_PRELOAD check Eric Wong
Code repositories for project(s) associated with this public inbox
https://80x24.org/public-inbox.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).