http: auto-configure for local Tor proxy if called as 'tor'

With apts http transport supporting socks5h proxies and all the work
in terms of configuration of methods based on the name it is called with
it becomes surprisingly easy to implement Tor support equally (and
perhaps even a bit exceeding) what is available currently in
apt-transport-tor.

How this will turn out to be handled packaging wise we will see in
https://lists.debian.org/deity/2016/08/msg00012.html , but until this is
resolved we can add the needed support without actively enabling it for
now, so that this can be tested better.

diff --git a/methods/http.cc b/methods/http.cc
index 1ed2e362969a57d58bd3f42a653209c245a28a97..0358b50cd25bc37e0031e30f93e82eeb1e2aaa1d 100644 (file)
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -357,6 +357,9 @@ bool HttpServerState::Open()
         Proxy = "";
    }
 
+   if (Proxy.empty() == false)
+      Owner->AddProxyAuth(Proxy, ServerName);
+
    if (Proxy.Access == "socks5h")
    {
       if (Connect(Proxy.Host, Proxy.Port, "socks", 1080, ServerFd, TimeOut, Owner) == false)

diff --git a/methods/https.cc b/methods/https.cc
index 47dce2ea0d0c57f17e81d44c3c566f14ae59a360..283126f6b3e1a01f6fcc4e36edc544bed3fc530f 100644 (file)
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -213,6 +213,8 @@ bool HttpsMethod::SetupProxy()                                              /*{{{*/
    if (UseProxy.empty() == false)
    {
       Proxy = UseProxy;
+      AddProxyAuth(Proxy, ServerName);
+
       if (Proxy.Access == "socks5h")
         curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5_HOSTNAME);
       else if (Proxy.Access == "socks5")

diff --git a/methods/server.cc b/methods/server.cc
index 7c85c8abbf24a183ea78178f36cbe8ebe98af029..0888617b1f1f2b2ddf5744c74cc221cbbfee071e 100644 (file)
--- a/methods/server.cc
+++ b/methods/server.cc
@@ -794,3 +794,29 @@ ServerMethod::ServerMethod(std::string &&Binary, char const * const Ver,unsigned
 {
 }
                                                                        /*}}}*/
+bool ServerMethod::Configuration(std::string Message)                  /*{{{*/
+{
+   if (aptMethod::Configuration(Message) == false)
+      return false;
+
+   _config->CndSet("Acquire::tor::Proxy",
+        "socks5h://apt-transport-tor@localhost:9050");
+   return true;
+}
+                                                                       /*}}}*/
+bool ServerMethod::AddProxyAuth(URI &Proxy, URI const &Server) const   /*{{{*/
+{
+   if (std::find(methodNames.begin(), methodNames.end(), "tor") != methodNames.end() &&
+        Proxy.User == "apt-transport-tor" && Proxy.Password.empty())
+   {
+      std::string pass = Server.Host;
+      pass.erase(std::remove_if(pass.begin(), pass.end(), [](char const c) { return std::isalnum(c) == 0; }), pass.end());
+      if (pass.length() > 255)
+        Proxy.Password = pass.substr(0, 255);
+      else
+        Proxy.Password = std::move(pass);
+   }
+   // FIXME: should we support auth.conf for proxies?
+   return true;
+}
+                                                                       /*}}}*/

diff --git a/methods/server.h b/methods/server.h
index f6a635dcac99b32becd3a82ad3ff45b5ebea0587..1d114354f2a85ae7149b454111b1240d78746a9c 100644 (file)
--- a/methods/server.h
+++ b/methods/server.h
@@ -156,6 +156,9 @@ class ServerMethod : public aptMethod
    virtual void SendReq(FetchItem *Itm) = 0;
    virtual std::unique_ptr<ServerState> CreateServerState(URI const &uri) = 0;
    virtual void RotateDNS() = 0;
+   virtual bool Configuration(std::string Message) APT_OVERRIDE;
+
+   bool AddProxyAuth(URI &Proxy, URI const &Server) const;
 
    ServerMethod(std::string &&Binary, char const * const Ver,unsigned long const Flags);
    virtual ~ServerMethod() {};