diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c
index 3b3916a23..0f34e2794 100644
--- a/dirmngr/crlfetch.c
+++ b/dirmngr/crlfetch.c
@@ -196,8 +196,9 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
}
else
err = http_open_document (&hd, url, NULL,
- (opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
- |(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0),
+ ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+ |(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0)
+ |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)),
ctrl->http_proxy, NULL, NULL, NULL);
switch ( err? 99999 : http_get_status_code (hd) )
@@ -289,6 +290,12 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
"LDAP");
err = gpg_error (GPG_ERR_NOT_SUPPORTED);
}
+ else if (opt.use_tor)
+ {
+ /* For now we do not support LDAP over TOR. */
+ log_error (_("CRL access not possible due to TOR mode\n"));
+ err = gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
else
{
# if USE_LDAP
@@ -309,12 +316,19 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
gpg_error_t
crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader)
{
+ if (opt.use_tor)
+ {
+ /* For now we do not support LDAP over TOR. */
+ log_error (_("CRL access not possible due to TOR mode\n"));
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
if (opt.disable_ldap)
{
log_error (_("CRL access not possible due to disabled %s\n"),
"LDAP");
return gpg_error (GPG_ERR_NOT_SUPPORTED);
}
+
#if USE_LDAP
return attr_fetch_ldap (ctrl, issuer, "certificateRevocationList",
reader);
@@ -334,6 +348,12 @@ crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader)
gpg_error_t
ca_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, const char *dn)
{
+ if (opt.use_tor)
+ {
+ /* For now we do not support LDAP over TOR. */
+ log_error (_("CRL access not possible due to TOR mode\n"));
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
if (opt.disable_ldap)
{
log_error (_("CRL access not possible due to disabled %s\n"),
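Review bot: The flag word built for http_open_document in the first hunk ORs HTTP_FLAG_FORCE_TOR together with HTTP_FLAG_TRY_PROXY, so when both honor-http-proxy and use-tor are set the outcome is decided inside http_open_document, which is not visible here; if the proxy branch takes precedence there, the CRL fetch goes to ctrl->http_proxy outside Tor and the new option is silently bypassed for exactly the users who most want it. Unless http.c is known to give FORCE_TOR priority, I would make the intent explicit at the call site, e.g. `(opt.use_tor ? HTTP_FLAG_FORCE_TOR : (opt.honor_http_proxy ? HTTP_FLAG_TRY_PROXY : 0))` ORed with the unchanged `(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0)`, or at minimum add a comment stating which flag wins. crl_fetch begins and ends outside this hunk.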
@@ -355,6 +375,12 @@ gpg_error_t
start_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context,
strlist_t patterns, const ldap_server_t server)
{
+ if (opt.use_tor)
+ {
+ /* For now we do not support LDAP over TOR. */
+ log_error (_("CRL access not possible due to TOR mode\n"));
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
if (opt.disable_ldap)
{
log_error (_("certificate search not possible due to disabled %s\n"),
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 10cc45e00..fb9a70135 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -140,6 +140,7 @@ enum cmd_and_opt_values {
oLDAPWrapperProgram,
oHTTPWrapperProgram,
oIgnoreCertExtension,
+ oUseTor,
aTest
};
@@ -215,6 +216,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oHkpCaCert, "hkp-cacert",
N_("|FILE|use the CA certificates in FILE for HKP over TLS")),
+ ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via TOR")),
ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */
@@ -518,6 +520,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
}
FREE_STRLIST (opt.ignored_cert_extensions);
http_register_tls_ca (NULL);
+ /* We do not allow resetting of opt.use_tor at runtime. */
return 1;
}
@@ -580,6 +583,8 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str);
break;
+ case oUseTor: opt.use_tor = 1; break;
+
default: return 0; /* Not handled. */
}
@@ -1405,6 +1410,7 @@ main (int argc, char **argv)
/* Note: The next one is to fix a typo in gpgconf - should be removed
eventually. */
es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
+ es_printf ("use-tor:%lu:\n", flags | GC_OPT_FLAG_NONE);
}
cleanup ();
return !!rc;
diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
index 4f037e714..a2db62755 100644
--- a/dirmngr/dirmngr.h
+++ b/dirmngr/dirmngr.h
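Review bot: The message added to start_cert_fetch says `CRL access not possible due to TOR mode`, but this function performs a certificate search, and the sibling disable-ldap branch right below it already says `certificate search not possible due to disabled %s`. The guard looks copied from crl_fetch_default; the log line should read `log_error (_("certificate search not possible due to TOR mode\n"));` so that someone reading the log knows which operation was refused. start_cert_fetch continues past the end of the hunk.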
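Review bot: The help text `route all network traffic via TOR` in the opts[] entry promises more than the option delivers: the rest of this patch refuses LDAP, OCSP and DNS CERT lookups outright in Tor mode rather than routing them, and judging by the comment added to parse_rereadable_options and the absence of any code path setting opt.use_tor back to 0, the flag also stays on across a configuration reload that drops it. Both are sensible fail-closed choices, but a user reading --help or the gpgconf listing cannot learn either from this string, so I would spell it out, e.g. `N_("route all network traffic via TOR; refuse transports that cannot be routed (LDAP, OCSP, DNS CERT)")`, and mirror the same wording in the gpgconf-comp.c entry. The opts[] table begins and ends outside this hunk.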
@@ -93,6 +93,7 @@ struct
int system_service; /* We are running as W32 service (implies daemon). */
int system_daemon; /* We are running in system daemon mode. */
int running_detached; /* We are running in detached mode. */
+ int use_tor; /* TOR mode has been enabled. */
int force; /* Force loading outdated CRLs. */
diff --git a/dirmngr/ks-engine-finger.c b/dirmngr/ks-engine-finger.c
index 57dd340e8..96e092d24 100644
--- a/dirmngr/ks-engine-finger.c
+++ b/dirmngr/ks-engine-finger.c
@@ -82,7 +82,8 @@ ks_finger_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp)
}
*server++ = 0;
- err = http_raw_connect (&http, server, 79, 0, NULL);
+ err = http_raw_connect (&http, server, 79,
+ (opt.use_tor? HTTP_FLAG_FORCE_TOR : 0), NULL);
if (err)
{
xfree (name);
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index a0104117d..18ad7317d 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -965,7 +965,9 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
request,
httphost,
/* fixme: AUTH */ NULL,
- (httpflags | (opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)),
+ (httpflags
+ |(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+ |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)),
ctrl->http_proxy,
session,
NULL,
diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c
index 13e51c69e..ae128ee12 100644
--- a/dirmngr/ks-engine-http.c
+++ b/dirmngr/ks-engine-http.c
@@ -77,7 +77,8 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp)
url,
/* httphost */ NULL,
/* fixme: AUTH */ NULL,
- (opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0),
+ ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+ | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0)),
ctrl->http_proxy,
session,
NULL,
diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
index 1b8ef031a..c6fa5ebc3 100644
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
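Review bot: http_raw_connect in ks_finger_fetch now receives HTTP_FLAG_FORCE_TOR, but `server` is still a hostname cut out of the finger address, and nothing in this hunk shows whether the Tor path hands that name to the SOCKS proxy for remote resolution or resolves it locally first; in the latter case a DNS query naming the target still leaves the host outside Tor even though the TCP session itself is tunnelled. That is worth confirming in http_raw_connect, and if local resolution does happen in Tor mode it should be refused or redirected, with a note at this call such as `/* In Tor mode the host name must be resolved by the SOCKS proxy, never by the local resolver. */`. ks_finger_fetch begins and ends outside this hunk.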
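Review bot: Adding HTTP_FLAG_FORCE_TOR to the http_open call in send_request covers the connection, but the function's own parameters (`hostportstr`, `httphost`) indicate the keyserver name has already been turned into a concrete host:port by the caller before this point, and that preparation is not part of this hunk. If it involves SRV or address lookups through the system resolver, every keyserver operation still reveals the pool hostname on the local DNS path while in Tor mode; either that step needs to be routed or skipped when opt.use_tor is set, or a comment at this call should record that only the HTTP connection, not name resolution, is covered by the flag. send_request begins and ends outside this hunk.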
@@ -836,6 +836,13 @@ ks_ldap_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec,
(void) ctrl;
+ if (opt.use_tor)
+ {
+ /* For now we do not support LDAP over TOR. */
+ log_error (_("LDAP access not possible due to TOR mode\n"));
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
+
/* Before connecting to the server, make sure we have a sane
keyspec. If not, there is no need to establish a network
connection. */
@@ -1012,6 +1019,13 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
(void) ctrl;
+ if (opt.use_tor)
+ {
+ /* For now we do not support LDAP over TOR. */
+ log_error (_("LDAP access not possible due to TOR mode\n"));
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
+
/* Before connecting to the server, make sure we have a sane
keyspec. If not, there is no need to establish a network
connection. */
@@ -1881,6 +1895,13 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
/* Elide a warning. */
(void) ctrl;
+ if (opt.use_tor)
+ {
+ /* For now we do not support LDAP over TOR. */
+ log_error (_("LDAP access not possible due to TOR mode\n"));
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
+
ldap_err = my_ldap_connect (uri, &ldap_conn, &basedn, &pgpkeyattr, &real_ldap);
if (ldap_err || !basedn)
diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c
index 8971b9ffa..f81f3358e 100644
--- a/dirmngr/ocsp.c
+++ b/dirmngr/ocsp.c
@@ -132,6 +132,14 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
(void)ctrl;
+ if (opt.use_tor)
+ {
+ /* For now we do not allow OCSP via TOR due to possible privacy
+ concerns. Needs further research. */
+ log_error (_("OCSP request not possible due to TOR mode\n"));
+ return gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
+
if (opt.disable_http)
{
log_error (_("OCSP request not possible due to disabled HTTP\n"));
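Review bot: The same six-line Tor guard is pasted verbatim into ks_ldap_get, ks_ldap_search and ks_ldap_put in this file, so the message and the error code will drift the next time one copy is touched. A file-local helper such as `static gpg_error_t tor_mode_refuses_ldap (void)` that performs the log_error and returns `gpg_error (GPG_ERR_NOT_SUPPORTED)`, used as `if (opt.use_tor) return tor_mode_refuses_ldap ();`, would keep each entry point to a single line and give the refusal one place to live if LDAP over Tor is later supported. The three enclosing functions all begin and end outside their hunks.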
@@ -165,7 +173,8 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
once_more:
err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL,
- (opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0),
+ ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+ | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0)),
ctrl->http_proxy, NULL, NULL, NULL);
if (err)
{
diff --git a/dirmngr/server.c b/dirmngr/server.c
index 0f1d2623e..694a881cc 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -626,6 +626,12 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
else if (!(ctrl->http_proxy = xtrystrdup (value)))
err = gpg_error_from_syserror ();
}
+ else if (!strcmp (key, "honor-keyserver-url-used"))
+ {
+ /* Return an error if we are running in TOR mode. */
+ if (opt.use_tor)
+ err = gpg_error (GPG_ERR_FORBIDDEN);
+ }
else
err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
@@ -697,6 +703,12 @@ cmd_dns_cert (assuan_context_t ctx, char *line)
}
}
+ if (opt.use_tor)
+ {
+ err = gpg_error (GPG_ERR_FORBIDDEN);
+ goto leave;
+ }
+
if (pka_mode)
{
char *domain; /* Points to mbox. */
@@ -1970,7 +1982,7 @@ static const char hlp_getinfo[] =
"\n"
"version - Return the version of the program.\n"
"pid - Return the process id of the server.\n"
- "\n"
+ "tor - Return OK if running in TOR mode\n"
"socket_name - Return the name of the socket.\n";
static gpg_error_t
cmd_getinfo (assuan_context_t ctx, char *line)
@@ -2001,6 +2013,10 @@ cmd_getinfo (assuan_context_t ctx, char *line)
else
err = gpg_error (GPG_ERR_NO_DATA);
}
+ else if (!strcmp (line, "tor"))
+ {
+ err = opt.use_tor? 0:set_error (GPG_ERR_GENERAL, "TOR mode not enabled");
+ }
else
err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index cb8308861..3f0d83ba5 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
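Review bot: The HTTP_FLAG_FORCE_TOR bit added to the http_open call under `once_more:` can never take effect, because the guard this same patch inserts earlier in do_ocsp_request (the hunk at line 132 of ocsp.c) returns GPG_ERR_NOT_SUPPORTED whenever opt.use_tor is set, before control reaches this label. Keeping the flag is harmless and makes lifting that guard later safer, but the intent should be written down so nobody reads this line as OCSP already working over Tor, e.g. `/* Unreachable while the use_tor guard above refuses OCSP; kept so this call is Tor-safe once that restriction is lifted. */`. do_ocsp_request begins and ends outside this hunk.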
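Review bot: `GETINFO tor` reports "Tor mode off" as GPG_ERR_GENERAL, which a client cannot tell apart from a genuine failure inside dirmngr, whereas the neighbouring branches of cmd_getinfo answer with specific codes (GPG_ERR_NO_DATA, GPG_ERR_ASS_PARAMETER). If the libgpg-error version this tree requires provides it, GPG_ERR_FALSE is the conventional code for a negative yes/no query: `err = opt.use_tor? 0:set_error (GPG_ERR_FALSE, "TOR mode not enabled");`. A caller such as gpg can then distinguish "not enabled" from "dirmngr is broken" and act accordingly instead of treating both as an error. cmd_getinfo begins and ends outside this hunk.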
@@ -908,6 +908,13 @@ static gc_option_t gc_options_dirmngr[] =
"dirmngr", "force loading of outdated CRLs",
GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
+ { "TOR",
+ GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
+ "gnupg", N_("Options controlling the use of TOR") },
+ { "use-tor", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
+ "dirmngr", "route all network traffic via TOR",
+ GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
+
{ "HTTP",
GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
"gnupg", N_("Configuration for HTTP servers") },