~emersion/soju#230: 
Problems connecting over tor (feature request?: support SOCKS5)

I'm trying to run soju over tor via torsocks.

I can connect normally to libera.chat using SASL EXTERNAL.

As suggested by the libera.chat docs, I have tor mapping the libera .onion service to palladium.libera.chat. And soju is resolving to the correct virtual ipv4 address provided by tor. But after that, soju times out connecting:

Apr 30 21:51:11 irc-bouncer torsocks[2475]: 2024/04/30 21:51:11 user "foo": network "libera": waiting 3m53s before trying to reconnect to "ircs://palladium.libera.chat:6697"
Apr 30 21:55:04 irc-bouncer torsocks[2475]: 2024/04/30 21:55:04 user "foo": upstream "libera": connecting to TLS server at address "palladium.libera.chat:6697"
Apr 30 21:55:05 irc-bouncer torsocks[2475]: 2024/04/30 21:55:04 user "foo": upstream "libera": using TLS client certificate XXXXXXX
Apr 30 21:55:19 irc-bouncer torsocks[2475]: 2024/04/30 21:55:19 user "foo": network "libera": connection error to "ircs://palladium.libera.chat:6697": failed to connect: failed to dial "palladium.libera.chat:6697": dial tcp <nil>->X.X.X.X:6697: i/o >

I left off debugging there, so maybe (probably?) I'm missing something obvious.

For my current needs it would probably be sufficient to get torsocks working, but it seems like the ideal scenario would be for soju to support connecting via SOCKS5 directly. Here is a similar feature request for ZNC.

Thanks in advance!

Status
REPORTED
Submitter
~mikezackles
Assigned to
No-one
Submitted
5 months ago
Updated
3 months ago
Labels
No labels applied.

~mikezackles 5 months ago

For completeness, here's my torrc:

SocksPort 9050 NoPreferIPv6Automap
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
MapAddress palladium.libera.chat libera75jm6of4wxpxt4aynol3xjmbtxgfyjpu34ss4d7r7q2v5zrpyd.onion

~emersion 5 months ago

I don't believe plumbing Tor/proxy support to each and every program that uses TCP is a good way forward. I would recommend setting up a system-wide transparent proxy instead (TransPort in Tor config), which makes Tor work similarly to VPNs.

~mikezackles 5 months ago

Ah perfect, thanks! I missed that setting. That makes sense to me, and works better for me anyway.

~palladium 4 months ago

I'd like SOCKS5 proxy support too. A system-wide transparent proxy is overkill for me, I just need it for Libera.

beep beep beep boop 3 months ago ยท edit

This would be useful to me as well. I'm running soju in a container and accessing it through wireguard. I would like it to route connections to irc networks over a non-tor socks proxy. its completely doable to get it to work, but I would need to either build redsocks or graftcp in my dockerfile and also mess with iptables. It would be much easier to just set a proxy in the config file. I'll probably modify the patch by Egor to connect to the right address and use that for now.

Register here or Log in to comment, or comment via email.