summaryrefslogtreecommitdiffstats
path: root/config/chroot_local-patches/0002-Allow-specifying-that-Enigmail-keyserver-communicati.patch
blob: c00d0c8d4d70a920eb4e49c949fb170edc31fca1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
From: intrigeri <intrigeri@boum.org>
Date: Tue, 31 Jan 2017 16:04:33 +0000
Subject: Allow specifying that Enigmail keyserver communication is torified
 already.

This can be done by setting extensions.torbirdy.enigmail.already_torified
to true.

It is needed e.g. when using GnuPG 2.1+, in which case these keyserver options
break dirmngr:

  no-try-dns-srv,http-proxy=socks5h://127.0.0.1:9150

... as reported e.g. on https://trac.torproject.org/projects/tor/ticket/19971
and https://labs.riseup.net/code/issues/11948.

The correct way to torify keyserver communication with Modern GnuPG is to set
"use-tor" in ~/.gnupg/dirmngr.conf. Let's not break things for users who have
configured this properly, e.g. Tails.

Note that the Enigmail master branch has code to use Tor for keyserver
operations. My understanding of the code is that it supports GnuPG 2 nicely, and
detects whether dirmngr is already configured to use Tor. Once that's released
and ready for production use, the parts of the Torbirdy code that are about
torifying Enigmail communication with keyservers can go away:

  https://sourceforge.net/p/enigmail/source/ci/74e19771ec18cd5e7b542c32a9b34d47697f50ed/

... which is why I didn't bother investing time into a nicer solution on
Torbirdy's side.
---
 chrome/content/overlay.js     |  1 +
 chrome/content/preferences.js | 13 ++++++++-----
 defaults/preferences/prefs.js |  1 +

---

Refreshed-by: Cyril Brulebois <cyril@debamax.com> on 2018-08-09 for Torbirdy 0.2.5

Notes:
 - chrome/content/overlay.js merged upstream.
 - chrome/content/preferences.js partially merged upstream, including
   differentiated handling of some options. Remaining diff: defaulting
   to a socks5h://127.0.0.1:9050 proxy unless anonService is set to
   “jondo”.
 - defaults/preferences/prefs.js merged upstream.
---
 preferences.js |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

--- a/usr/share/xul-ext/torbirdy/chrome/content/preferences.js
+++ b/usr/share/xul-ext/torbirdy/chrome/content/preferences.js
@@ -42,10 +42,11 @@
       opts += "--throw-keyids ";
     }
     if (! pub.prefs.getBoolPref("extensions.torbirdy.gpg_already_torified")) {
+      var proxy = "socks5h://127.0.0.1:9050";
       if (anonService === "jondo") {
-        let proxy = "http://127.0.0.1:4001";
-        opts += "--keyserver-options=no-try-dns-srv,http-proxy=" + proxy + " ";
+        proxy = "http://127.0.0.1:4001";
       }
+      opts += "--keyserver-options=no-try-dns-srv,http-proxy=" + proxy + " ";
     }
 
     return opts +