From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: "J.P." Newsgroups: gmane.emacs.bugs Subject: bug#63662: 30.0.50; ERC 5.6: Document how to connect over SOCKS Date: Tue, 23 May 2023 06:44:13 -0700 Message-ID: <87h6s3rwlu.fsf__30840.1397125394$1684849528$gmane$org@neverwas.me> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="8450"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: emacs-erc@gnu.org To: 63662@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Tue May 23 15:45:18 2023 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1q1SKD-0001uF-UJ for geb-bug-gnu-emacs@m.gmane-mx.org; Tue, 23 May 2023 15:45:18 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q1SK4-0006e3-1x; Tue, 23 May 2023 09:45:08 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q1SK2-0006bK-LM; Tue, 23 May 2023 09:45:06 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q1SJy-0000SZ-5f; Tue, 23 May 2023 09:45:06 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1q1SJy-0001Uz-15; Tue, 23 May 2023 09:45:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: "J.P." Original-Sender: "Debbugs-submit" Resent-CC: emacs-erc@gnu.org, bug-gnu-emacs@gnu.org Resent-Date: Tue, 23 May 2023 13:45:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 63662 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch X-Debbugs-Original-To: bug-gnu-emacs@gnu.org X-Debbugs-Original-Xcc: emacs-erc@gnu.org Original-Received: via spool by submit@debbugs.gnu.org id=B.16848494685696 (code B ref -1); Tue, 23 May 2023 13:45:01 +0000 Original-Received: (at submit) by debbugs.gnu.org; 23 May 2023 13:44:28 +0000 Original-Received: from localhost ([127.0.0.1]:38700 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q1SJP-0001Tn-3I for submit@debbugs.gnu.org; Tue, 23 May 2023 09:44:27 -0400 Original-Received: from lists.gnu.org ([209.51.188.17]:54822) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q1SJM-0001Td-Gi for submit@debbugs.gnu.org; Tue, 23 May 2023 09:44:25 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q1SJK-00064Z-6c for bug-gnu-emacs@gnu.org; Tue, 23 May 2023 09:44:24 -0400 Original-Received: from mail-108-mta252.mxroute.com ([136.175.108.252]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q1SJG-0000Jm-F2 for bug-gnu-emacs@gnu.org; Tue, 23 May 2023 09:44:21 -0400 Original-Received: from mail-111-mta2.mxroute.com ([136.175.111.2] filter006.mxroute.com) (Authenticated sender: mN4UYu2MZsgR) by mail-108-mta252.mxroute.com (ZoneMTA) with ESMTPSA id 18848da724b00074ee.001 for (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256); Tue, 23 May 2023 13:44:15 +0000 X-Zone-Loop: 796ec89b1115832802d59b3ae3ace431b12cbb518135 X-Originating-IP: [136.175.111.2] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=neverwas.me ; s=x; h=Content-Type:MIME-Version:Message-ID:Date:Subject:To:From:Sender: Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Rz815BJPg3q7ZZ/8X9kh+KgF9O7BdbJhjzzv3V1lEy0=; b=IiDO+JFQj4BimcB5uHgbu278WP FOZKMGh0m1ryTQs8zxaaYfJICKevpF8kVafFJ93RHWwxTjVvTN///K3ZshrR/bifQ+iLkDCg4uKr0 VJdvO17ONGJFNFZhb+ogHiE5RlSt6yArWyl2IF2Qa8vVmpYFuvQXc6AAdsGKyuOFoDciSObDnoQR+ RJHDaQj7QpNY8OraeSkjYmpLWq0x7qPjby1OV4kN7l9e37PtGnLjU+2OIh+iTwba3EaS3LPL4oK2i UXISnFjaMbLLMQ4iWKGRL9y8PVUEJwIJC6DD5qCMuF++3bBPGxk1n9lbH1U9nwln2d7yls1egwgFZ r05wSRzg==; X-Authenticated-Id: masked@neverwas.me Received-SPF: pass client-ip=136.175.108.252; envelope-from=jp@neverwas.me; helo=mail-108-mta252.mxroute.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:262231 Archived-At: --=-=-= Content-Type: text/plain Tags: patch For whatever reason, new and would-be users come around seeking guidance on this particular topic with some regularity. The belated proposal before you is intended to help stem this tide and hopefully reduce the many man-hours spent fielding such questions on IRC. In GNU Emacs 30.0.50 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.24.37, cairo version 1.17.6) of 2023-05-23 built on localhost Repository revision: d4ff1d74209e97730c52ddd50c4d643c79087a33 Repository branch: master Windowing system distributor 'The X.Org Foundation', version 11.0.12014000 System Description: Fedora Linux 37 (Workstation Edition) Configured using: 'configure --enable-check-lisp-object-type --enable-checking=yes,glyphs 'CFLAGS=-O0 -g3' PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig' Configured features: ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG JSON LCMS2 LIBOTF LIBSELINUX LIBSYSTEMD LIBXML2 M17N_FLT MODULES NOTIFY INOTIFY PDUMPER PNG RSVG SECCOMP SOUND SQLITE3 THREADS TIFF TOOLKIT_SCROLL_BARS WEBP X11 XDBE XIM XINPUT2 XPM GTK3 ZLIB Important settings: value of $LANG: en_US.UTF-8 value of $XMODIFIERS: @im=ibus locale-coding-system: utf-8-unix Major mode: Lisp Interaction Minor modes in effect: tooltip-mode: t global-eldoc-mode: t eldoc-mode: t show-paren-mode: t electric-indent-mode: t mouse-wheel-mode: t tool-bar-mode: t menu-bar-mode: t file-name-shadow-mode: t global-font-lock-mode: t font-lock-mode: t blink-cursor-mode: t line-number-mode: t indent-tabs-mode: t transient-mark-mode: t auto-composition-mode: t auto-encryption-mode: t auto-compression-mode: t Load-path shadows: None found. Features: (shadow sort mail-extr emacsbug message mailcap yank-media puny dired dired-loaddefs rfc822 mml mml-sec epa epg rfc6068 epg-config gnus-util text-property-search time-date mm-decode mm-bodies mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader sendmail rfc2047 rfc2045 ietf-drums mm-util mail-prsvr mail-utils erc derived auth-source eieio eieio-core password-cache json map format-spec erc-backend erc-networks easy-mmode byte-opt bytecomp byte-compile erc-common inline erc-compat cl-seq cl-macs gv pcase rx subr-x cl-loaddefs cl-lib erc-loaddefs rmc iso-transl tooltip cconv eldoc paren electric uniquify ediff-hook vc-hooks lisp-float-type elisp-mode mwheel term/x-win x-win term/common-win x-dnd tool-bar dnd fontset image regexp-opt fringe tabulated-list replace newcomment text-mode lisp-mode prog-mode register page tab-bar menu-bar rfn-eshadow isearch easymenu timer select scroll-bar mouse jit-lock font-lock syntax font-core term/tty-colors frame minibuffer nadvice seq simple cl-generic indonesian philippine cham georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms cp51932 hebrew greek romanian slovak czech european ethiopic indian cyrillic chinese composite emoji-zwj charscript charprop case-table epa-hook jka-cmpr-hook help abbrev obarray oclosure cl-preloaded button loaddefs theme-loaddefs faces cus-face macroexp files window text-properties overlay sha1 md5 base64 format env code-pages mule custom widget keymap hashtable-print-readable backquote threads dbusbind inotify lcms2 dynamic-setting system-font-setting font-render-setting cairo move-toolbar gtk x-toolkit xinput2 x multi-tty make-network-process emacs) Memory information: ((conses 16 117635 9315) (symbols 48 9931 0) (strings 32 24344 2099) (string-bytes 1 808855) (vectors 16 13426) (vector-slots 8 195576 8096) (floats 8 24 23) (intervals 56 228 0) (buffers 976 10)) --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-5.6-Document-recommended-way-to-use-ERC-over-Tor.patch >From 36097cf468c8e44a912718933e72dd8197b95e9b Mon Sep 17 00:00:00 2001 From: "F. Jason Park" Date: Mon, 22 May 2023 21:43:29 -0700 Subject: [PATCH] [5.6] Document recommended way to use ERC over Tor * doc/misc/erc.texi: Add new SOCKS section to the chapter on Integrations. Also bump version in front matter. * lisp/erc/erc.el (erc-open-socks-tls-stream): New convenience function to connect over Tor via SOCKS proxy. --- doc/misc/erc.texi | 53 ++++++++++++++++++++++++++++++++++++++++++++++- lisp/erc/erc.el | 18 ++++++++++++++++ 2 files changed, 70 insertions(+), 1 deletion(-) diff --git a/doc/misc/erc.texi b/doc/misc/erc.texi index 1f343fc8529..c4bf6831976 100644 --- a/doc/misc/erc.texi +++ b/doc/misc/erc.texi @@ -2,7 +2,7 @@ @c %**start of header @setfilename ../../info/erc.info @settitle ERC Manual -@set ERCVER 5.5 +@set ERCVER 5.6 @set ERCDIST as distributed with Emacs @value{EMACSVER} @include docstyle.texi @syncodeindex fn cp @@ -611,6 +611,7 @@ Advanced Usage Integrations * URL:: Opening IRC URLs in ERC. +* SOCKS:: Connecting to IRC with a SOCKS proxy. * auth-source:: Retrieving auth-source entries with ERC. @end detailmenu @@ -1252,6 +1253,56 @@ Integrations @noindent Users on Emacs 28 and below may need to use @code{browse-url} instead. +@anchor{SOCKS} +@subsection SOCKS +@cindex SOCKS + +People wanting to connect to IRC through a @acronym{SOCKS} proxy are +most likely interested in doing so over @acronym{TOR} (The Onion +Router). If that's @emph{not} you, please adapt these instructions +accordingly. Otherwise, keep in mind that support for Tor is +experimental and thus insufficient for safeguarding a user's identity +and location, especially in the case of targeted individuals. + +ERC's preferred Tor setup works by accessing a local Tor service +through the built-in @file{socks.el} library that ships with Emacs. +Other means of accessing Tor, such as via @command{torsocks}, are not +supported. Before getting started, check to ensure your Tor service +is up and running. You can do that with the following command: + +@example +curl --proxy socks5h://localhost:9050 https://check.torproject.org | \ + grep 'Congratulations' +@end example + +Networks and servers differ in how they expose Tor endpoints. In all +cases, you'll want to first set the option @code{socks-server} to +something appropriate, like @code{("tor" "127.0.0.1" 9050 5)}. For +some networks, setting @code{erc-server-connect-function} to +@code{socks-open-network-stream} might be enough. Others, like +@samp{Libera.Chat}, involve additional setup. At the time of writing, +connecting to @samp{Libera.Chat} requires both @acronym{TLS} and a +non-@samp{PLAIN} @acronym{SASL} mechanism (@pxref{SASL}). One way to +achieve that is by using the @samp{EXTERNAL} mechanism, as shown in +the following example: + +@lisp +(require 'socks) + +(let* ((socks-password "") + (socks-server '("tor" "localhost" 9050 5)) + (erc-modules (cons 'sasl erc-modules)) + (erc-sasl-mechanism 'external) + (erc-server-connect-function #'erc-open-socks-tls-stream)) + (erc-tls + :server "libera75jm6of4wxpxt4aynol3xjmbtxgfyjpu34ss4d7r7q2v5zrpyd.onion" + :port 6697 + :nick "jrh" + :user "jrandomhacker" + :full-name "J. Random Hacker" + :client-certificate (list "/home/jrh/key.pem" "/home/jrh/cert.pem"))) +@end lisp + @node auth-source @subsection auth-source @cindex auth-source diff --git a/lisp/erc/erc.el b/lisp/erc/erc.el index 495e25212ce..0be9eb69432 100644 --- a/lisp/erc/erc.el +++ b/lisp/erc/erc.el @@ -144,6 +144,8 @@ gtk-version-string (declare-function word-at-point "thingatpt" (&optional no-properties)) (autoload 'word-at-point "thingatpt") ; for hl-nicks +(declare-function gnutls-negotiate "gnutls" (&rest rest)) +(declare-function socks-open-network-stream "socks" (name buffer host service)) (declare-function url-host "url-parse" (cl-x)) (declare-function url-password "url-parse" (cl-x)) (declare-function url-portspec "url-parse" (cl-x)) @@ -2598,6 +2600,22 @@ erc-open-tls-stream (setq args `(,name ,buffer ,host ,port ,@p)) (apply #'open-network-stream args))) +(defun erc-open-socks-tls-stream (name buffer host service &rest parameters) + "Connect to an IRC server via SOCKS proxy over TLS. +Bind `erc-server-connect-function' to this function around calls +to `erc-tls'. See `erc-open-network-stream' for the meaning of +NAME and BUFFER. HOST should be a \".onion\" URL, SERVICE a TLS +port number, and PARAMETERS a sequence of key/value pairs, per +`open-network-stream'. See Info node `(erc) SOCKS' for more +info." + (require 'gnutls) + (require 'socks) + (let ((proc (socks-open-network-stream name buffer host service)) + (cert-info (plist-get parameters :client-certificate))) + (gnutls-negotiate :process proc + :hostname host + :keylist (and cert-info (list cert-info))))) + ;;; Displaying error messages (defun erc-error (&rest args) -- 2.40.0 --=-=-=--