[tor-bugs] #2846 [Torify]: Patch GPG to support SOCKS proxies

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Oct 9 00:00:02 UTC 2012


#2846: Patch GPG to support SOCKS proxies
------------------------+---------------------------------------------------
    Reporter:  rransom  |       Owner:  mikeperry
        Type:  defect   |      Status:  reopened 
    Priority:  normal   |   Milestone:           
   Component:  Torify   |     Version:           
  Resolution:           |    Keywords:           
      Parent:           |      Points:           
Actualpoints:           |  
------------------------+---------------------------------------------------

Comment(by Bry8Star):

 per suggestion of users, increased Tor logging levels, then found out
 gnupg kept on trying to use 127.0.0.1:9050 as http-proxy, not as SOCKS
 proxy.[[BR]]
 so used polipo (http-proxy, 127.0.0.1:8118), instead.[[BR]]
 i used polipo-1.0.4.1-forbidden-1-win32.exe, [[BR]]
 config is [wiki:doc/TorifyHOWTO/Polipo here].

 tried this (using "'''hkp'''" scheme):

 gpg2.exe --display-charset utf-8 --keyserver-options
 http-proxy={{{https://}}}127.0.0.1:8118,debug,verbose --debug-level expert
 --verbose --no-emit-version --no-comments --throw-keyids --keyserver
 {{{hkp://}}}pool.sks-keyservers.net --recv-keys 0x4193A197

 WORKS. new circuit appears in Vidalia's "Tor Network Map". and no DNS leak
 happens.
 the "gpg2keys_hkp.exe" binary creates connection:

 gnupg (tool "gpg2keys_hkp.exe") -> polipo (8118) -> tor (9050) -> tor-net
 -> pool.sks-keyservers.net (11371) or round-robin keyserver (11371).

 was able to send and receive keyids.
 [[BR]]

 connection toward any "'''hkps'''" keyserver, did not succeed.[[BR]]
 neither directly, nor via tor.[[BR]]
 (most likely) windows edition gnupg, does not support HKPS yet.[[BR]]
 i did not see any "hkps" selectable scheme,[[BR]]
 in the scheme list of Kleopatra.[[BR]]
 - - - - - - - -[[BR]]
 8559    13:30:24.xxxxxxxxx      192.168.0.10    34388   IP-KYSRVR-3
 domain  DNS     108     Standard query 0xb417  SRV
 _pgpkey-https._tcp.keyserver.hostname[[BR]]
 - - - - - - - -[[BR]]
 8618    13:30:27.xxxxxxxxx      192.168.0.10    22959   IP-KYSRVR-3
 domain  DNS     120     Standard query 0x9204  DLV
 _pgpkey-https._tcp.keyserver.hostname.dlv.isc.org[[BR]]
 - - - - - - - -[[BR]]
 8622    13:30:27.xxxxxxxxx      IP-KYSRVR-3     domain  192.168.1.4
 22959   DNS     822     Standard query response 0x9204 No such name[[BR]]
 - - - - - - - -[[BR]]
 when tested hkps via polipo, no DNS leaks.
 [[BR]]

 when tested for receiving keys, via "'''https'''" scheme, [[BR]]
 then "gpg2keys_curl.exe" starts up, [[BR]]
 but fails to communicate with destination keyserver, [[BR]]
 communication error. server cert was specified.[[BR]]
 wireshark shows no dns query performed.[[BR]]
 keyserver which claimed they support https, [[BR]]
 even those did not work.[[BR]]
 so, gnupg for windows also lacks support[[BR]]
 for this feature as well.
 [[BR]]

 when tested for receiving keys, via "'''http'''" scheme, [[BR]]
 then "gpg2keys_curl.exe" starts up, [[BR]]
 connects with keyserver's ip-address,[[BR]]
 but "no valid OpenPGP data found." is shown, and, [[BR]]
 "total number processed" remains 0.[[BR]]
 no DNS leaks.[[BR]]
 wireshark shows no dns query performed ![[BR]]
 keyserver which claimed they support http, [[BR]]
 even those did not work.[[BR]]
 so, gnupg for windows, also lacks support [[BR]]
 for this feature as well.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2846#comment:44>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
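
Added example (not part of the ticket comment or of any Tor or GnuPG code): a check for the kind of DNS leak visible in the capture quoted above, run over a packet-list text export with the same column order. The sample lines, the name keyserver.example and the function names are constructed for illustration.

```python
import ipaddress
import re

# Column order as in the capture quoted in the comment:
# No. Time Source SrcPort Destination DstPort Protocol Length Info
QUERY_RE = re.compile(r"^Standard query (0x[0-9a-fA-F]+)\s+(\S+)\s+(\S+)$")

# Constructed sample export (not from the ticket); keyserver.example is a placeholder.
SAMPLE = """\
101 13:30:24.000 192.168.0.10 34388 192.168.0.1 domain DNS 108 Standard query 0xb417  SRV _pgpkey-https._tcp.keyserver.example
102 13:30:27.000 192.168.0.10 22959 192.168.0.1 domain DNS 120 Standard query 0x9204  DLV _pgpkey-https._tcp.keyserver.example.dlv.isc.org
103 13:30:27.100 192.168.0.1 domain 192.168.0.10 22959 DNS 822 Standard query response 0x9204 No such name
104 13:30:28.000 127.0.0.1 40000 127.0.0.1 domain DNS 80 Standard query 0x1111  A keyserver.example
105 13:30:29.000 192.168.0.10 40001 192.168.0.1 domain DNS 75 Standard query 0x2222  A unrelated.example
106 13:30:30.000 127.0.0.1 50000 127.0.0.1 8118 TCP 66 50000 > 8118 [SYN] Seq=0
"""

def is_loopback(addr):
    """True only for literal loopback addresses; hostnames count as off-host."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False

def find_dns_leaks(text, watched):
    """Return (frame, qtype, qname) for DNS queries that leave the host and
    mention a watched name, including lookaside names built from it."""
    leaks = []
    for line in text.splitlines():
        f = line.split(None, 8)
        if len(f) < 9 or f[6] != "DNS":
            continue
        m = QUERY_RE.match(f[8].strip())  # responses do not match
        if not m or is_loopback(f[4]):
            continue
        qtype, qname = m.group(2), m.group(3).lower().rstrip(".")
        # Label-aligned containment, so keyserver.example.dlv.isc.org matches too.
        if any(f".{w.lower()}." in f".{qname}." for w in watched):
            leaks.append((int(f[0]), qtype, qname))
    return leaks

if __name__ == "__main__":
    for frame, qtype, qname in find_dns_leaks(SAMPLE, ["keyserver.example"]):
        print(f"frame {frame}: {qtype} query for {qname} left the host")
```

A query sent to a loopback resolver is not flagged here; whether that resolver forwards it outside Tor has to be checked separately.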

