Opened 5 years ago

Closed 5 years ago

#6974 closed enhancement (wontfix)

gpg socks support autodetection?

Reported by: tagnaq Owned by: ioerror
Priority: Medium Milestone:
Component: Applications/TorBirdy Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Replying to ioerror:

Replying to tagnaq:

Replying to ioerror:

Bad news - if the GPG client has no SOCKS5 support and you _try_ to use the SOCKS5 support it will fail badly.

This means we can not statically configure gpg to use socks5 proxies (in torbirdy).

I'm not sure of that but I understand the caution. I think that we just need to detect this (common) case and do something smart.

Can we build an autodetection for socks support and change enigmail's config acordingly?

  • enable socks5 proxy in enigmail's gpg options iff we have socks support
  • do not set the socks proxy if we have no support for it (set a non-existing http proxy to fail secure)

I don't like the idea of autodetection anymore we should have an http proxy and use one setup for all plattforms.

I assume currently probably less than 10 or 5% have proper socks support in their gpg installation.

Child Tickets

Change History (5)

comment:1 Changed 5 years ago by ioerror

Ok. Well - we're back to needing an HTTP proxy. Thoughts?

comment:2 Changed 5 years ago by tagnaq

If we agree that http support is the way to go (#6060) we can probably close this ticket.

comment:3 Changed 5 years ago by tagnaq

With the latest developments in [1] we are not going to see tor to have support for http.

[1] https://trac.torproject.org/projects/tor/ticket/6060#comment:23

comment:4 Changed 5 years ago by tagnaq

Is there a way we can get gpg to build with curl support for windows systems?

For now we should

  • enumerate gpg's socks support for top n linux distributions
  • document the status quo
  • decide if we aim for gpg/enigmail support (which implies that we need an external http proxy: privoxy or )

note: one can also use enigmail even if gpg is not able to fetch keys (I suppose in moste cases people have their keys already on the system)

comment:5 Changed 5 years ago by ioerror

Resolution: wontfix
Status: newclosed

Indeed. How depressing. I guess I'll go back to HTTP proxy settings in TorBirdy. Sigh.

Note: See TracTickets for help on using tickets.