lagrange icon indicating copy to clipboard operation
lagrange copied to clipboard

Published 20 hours ago verified publisher icon skyjake

Add support for SOCKS 5

Open ElonSatoshi opened this issue 4 years ago • 13 comments

There are lots of gopherholes that end in .onion.

ElonSatoshi avatar Feb 27 '21 01:02 ElonSatoshi

I think SOCKS4 and SOCKS5 are worth implementing but I don't think we should start implementing Tor. lagrange is a small project that is still in early days and has multiple bugs, and I don't think deciding whether to support a protocol or not should be taken lightly.

Tor is an anonymity network and implementing it would be unnecessary and inappropriate for Geminispace. Finding critical bugs and vulnerabilities in lagrange to improves its security would be much more useful.

There are lots of gopherholes that end in .onion.

I don't think the prevalence of gopherholes ending in .onion really matters.

Br0000k avatar Feb 27 '21 22:02 Br0000k

If socks5 support is implemented, people will be able to set the proxy to socks5://127.0.0.1:9050 and use Lagrange over Tor. That's really all I was hoping for when I made this issue.

I don't think the prevalence of gopherholes ending in .onion really matters.

Connections to hidden services over Tor are secured by Tor's encryption, much like TLS secures Gemini connections or HTTPS connections. This can be done without needing to extend the gopher protocol to include TLS and requiring a server and client that support it. So even just having socks5 proxy support would allow people to connect more securely to gopherholes that run over Tor.

ElonSatoshi avatar Feb 28 '21 03:02 ElonSatoshi

SOCKS 5 has other uses beyond Tor access, so it would be a nice to have feature.

skyjake avatar Feb 28 '21 04:02 skyjake

SOCKS 5 has other uses beyond Tor access, so it would be a nice to have feature.

I agree. SOCKS4 might also be worth implementing and it shouldn't be too difficult.

Br0000k avatar Feb 28 '21 18:02 Br0000k

In the meantime, I just discovered that Lagrange works perfectly (so far) with Torsocks. To use Lagrange over Tor:

  1. Download the appimage.
  2. Run it in a terminal with: torsocks ./Lagrange-*.AppImage.

Tested by loading a gemini capsule, a gopherhole, and a .onion gopherhole.

Edit: Assuming you're using the appimage (tested on Fedora 33), all Lagrange files (cookies, history, settings etc) should be in ~/.config/lagrange/. To reset it entirely, use a secure delete tool like wipe, shred, or srm to delete that folder, or just certain stuff from there such as history.

However, Lagrange's documentation says that its history doesn't log every single time you visit or revisit a site at exactly what time, instead it shows a list of unique URLs you've visited with the ones you've visited or revisited most recently shown first. It may also be useful to note that I don't think Gopher or Gemini have cookies, referers, or send info about what client you're using to servers. And every page you load makes only 1 request, there are no pictures automatically loaded, CSS themes, javascript, or embedded third party pages.

Nevertheless, do your own research, be careful, and use Tails OS if you can.

ElonSatoshi avatar Mar 08 '21 03:03 ElonSatoshi

This feature would be very useful even outside of the Tor context, as sometimes in a corporate environment the user must use an HTTP or SOCKS proxy for internet access. So far I can use proxychains-ng to get around this and pipe all traffic through a SOCKS5 proxy, but unfortunately this prevents me from using flatpak as proxychains-ng is not available in the runtime.

ghost avatar Apr 18 '21 18:04 ghost

Even ignoring TOR entirely there are some use cases like circumventing DNS filtering or public wifi blocking everything but "well known" ports that are useful to use a SOCKS5 proxy like ssh -D to avoid. The user action for that looks something like this:

$ ssh -p443 -nND 8080 [email protected] &
$ lagrange --socks5-proxy=localhost:8080

tidux avatar Nov 09 '21 23:11 tidux

This feature would also be interesting for I2P (https://geti2p.net/). I2P is a darknet similar to Tor, but with a focus on internal services. In I2P there was already a discussion how to do it (http://zzz.i2p/topics/3113-gemini-protocol-over-i2p). The easiest way would be to have SOCKS support, since I2P (like Tor) also offers a SOCKS proxy.

marek22k avatar Jul 21 '22 17:07 marek22k

This feature would also be helpful for communication over constrained channels where performance enhancing proxies are used to establish and handle communications (eg SATCOM services, HF radio).

ggramaize avatar Jul 30 '22 03:07 ggramaize

afaik, dante is a go-to library for socks proxy support

just include socks.h, link with -lsocks and use SOCKS_SERVER environment variable

CyberTailor avatar Jan 06 '23 09:01 CyberTailor

Found a small library that allows configuration, see example: https://github.com/brechtsanders/proxysocket/blob/master/examples/ipify.c

CyberTailor avatar Jan 07 '23 10:01 CyberTailor

Tried to get Dante working with Lagrange... It seems like the_Foundation needs to be linked against it, however I doubt if it is desired.

CyberTailor avatar Jan 13 '23 22:01 CyberTailor