GNU bug report logs - #53941
27.2; socks + tor dont work with https

Previous Next

Package: emacs;

Reported by: Jacobo <gnuhacker <at> member.fsf.org>

Date: Fri, 11 Feb 2022 14:32:01 UTC

Severity: normal

Tags: patch

Found in version 27.2

Full log

View this message in rfc822 format

From: "J.P." <jp <at> neverwas.me>
To: Jacobo <gnuhacker <at> member.fsf.org>
Cc: 53941 <at> debbugs.gnu.org
Subject: bug#53941: 27.2; socks + tor dont work with https
Date: Mon, 14 Feb 2022 04:37:39 -0800

[Message part 1 (text/plain, inline)]
Hi Jacobo,

Jacobo <gnuhacker <at> member.fsf.org> writes:

> Emacs can not resolve domains when it is https if you are using a
> socks proxy (socks.el) [...] It works, load http://gnu.org (HTTP in
> plain) Also work with .onion domains in HTTP plain No problems with
> HTTP but When I try: M-x eww RET https://gnu.org RET
>
> Return an error: Bad Request

It's certainly possible (see attached). But can it be done responsibly?

In this day and age, when processes and services resolve host names in
all manner of ways, how can we be confident there won't be any leaks? At
present, the main interfaces to various protocol stacks (for example,
url-gw.el and friends) don't seem geared toward making those kinds of
assurances. (Not that they ought to be.)

That said, providing the building blocks on the SOCKS side doesn't seem
like the crime of the century. I've been sitting on what became the
basis for these patches for a while now, but these here were hastily
adapted and might come with some warts. Still, I believe them
straightforward enough to illustrate a basic means of achieving what
you're after.

> In GNU Emacs 27.2 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.24.30,

I also have some examples with shims for 27 running periodically in CI.
These include a demo of using ERC to connect to Libera.Chat via SOCKS
over TLS. (But that requires an IRCv3 library, which is still a work in
progress.) If you're interested in experimenting with any of this stuff,
please let me know. That goes for anyone else out there as well. Thanks.


[0001-Set-coding-system-for-SOCKS-connections-to-binary.patch (text/x-patch, attachment)]
[0002-Add-support-for-SOCKS-4a.patch (text/x-patch, attachment)]
[0003-Support-SOCKS-RESOLVE-extension.patch (text/x-patch, attachment)]
[0004-POC-Demo-SOCKS-RESOLVE-over-HTTPS.patch (text/x-patch, attachment)]
This bug report was last modified 274 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.