Suggestion about TorButton
Hello! First, thank you for this SUPERB extension :)) I have an idea of feature that could be interesting, but don't know if you would agree to implement it, and moreover I think it is a lot of job: It would be to force some of the bookmarks to use TOR, whatever the TorButton status is. For example, there would be one more function in the right click menu, "Bookmark this link WITH TOR". Then, the link will always use TOR, even if Tor is turned OFF with Torbutton. What do you think? :) Best, F44
constrained socket buffers patch
hi Andrew, all, attached is the constrained sockets patch. apologies for the delay; still have DSL problems at home. to enable this feature set: ConstrainedSockets 1 in your configuration. this will limit the recv and xmit buffers associated with TCP sockets to the default 4096 bytes. you can also alter the default explicitly via: ConstrainedSockSize 2048 the value must be between 2048 and 262144 in 1024 byte increments. attempting to set an invalid value should produce an error at start. see the (patched) man page for additional details. to patch: cd tor-0.1.2.14 patch -p1 < ../tor-constrained-sockets.patch then build as usual (vary per your reqs): ./configure --prefix=/usr --sysconfdir=/etc && make && make install let me know if this appears to work! you may try adjusting the buffers down as low as 2048 if you still get problems at 4096, however, i don't think this is likely. best regards, diff -Naur orig-tor-0.1.2.14/doc/tor.1.in mod-tor-0.1.2.14/doc/tor.1.in --- orig-tor-0.1.2.14/doc/tor.1.in 2007-05-25 00:51:42.0 + +++ mod-tor-0.1.2.14/doc/tor.1.in 2007-07-11 21:20:33.0 + @@ -88,6 +88,21 @@ Windows since that platform lacks getrlimit(). (Default: 1000) .LP .TP +\fBConstrainedSockets \fR\fB0\fR|\fB1\fR\fP +If set, Tor will attempt to shrink the recv and xmit buffers for all +sockets to the size specified in \fBConstrainedSockSize\fP. This is useful +for virtual servers and other environments where system level TCP +buffers may be limited. The preferred solution is to have the admin +increase the buffer pool via /proc/sys/net/ipv4/tcp_mem or equivalent +facility. Note that this will not work on Windows platforms. +.LP +.TP +\fBConstrainedSockSize \fR\fINUM\fP +When \fBConstrainedSockets\fP is enabled the recv and xmit buffers for +all sockets will be set to this limit. Must be a value between 2048 +and 262144 in 1024 byte increments. Default of 4096 is recommended. +.LP +.TP \fBControlPort \fR\fIPort\fP If set, Tor will accept connections on this port and allow those connections to control the Tor process using the Tor Control Protocol diff -Naur orig-tor-0.1.2.14/src/or/config.c mod-tor-0.1.2.14/src/or/config.c --- orig-tor-0.1.2.14/src/or/config.c 2007-05-25 00:51:40.0 + +++ mod-tor-0.1.2.14/src/or/config.c 2007-07-11 21:14:18.0 + @@ -139,6 +139,8 @@ VAR("CircuitIdleTimeout", INTERVAL, CircuitIdleTimeout, "1 hour"), VAR("ClientOnly", BOOL, ClientOnly, "0"), VAR("ConnLimit", UINT, ConnLimit,"1000"), + VAR("ConstrainedSockets", BOOL, ConstrainedSockets, "0"), + VAR("ConstrainedSockSize", UINT, ConstrainedSockSize, "4096"), VAR("ContactInfo", STRING, ContactInfo, NULL), VAR("ControlListenAddress",LINELIST, ControlListenAddress, NULL), VAR("ControlPort", UINT, ControlPort, "0"), @@ -309,6 +311,10 @@ { "BandwidthBurst", "Limit the maximum token buffer size (also known as " "burst) to the given number of bytes." }, { "ConnLimit", "Maximum number of simultaneous sockets allowed." }, + { "ConstrainedSockets", "Shrink tx and rx buffers for sockets to avoid " +"system limits on vservers and related environments." }, + { "ConstrainedSockSize", "Limit socket buffers to this size when " +"ConstrainedSockets is set. Must be at least 2048 bytes." }, /* ControlListenAddress */ { "ControlPort", "If set, Tor will accept connections from the same machine " "(localhost only) on this port, and allow those connections to control " @@ -2765,6 +2771,24 @@ } } +#ifndef MS_WINDOWS + if (options->ConstrainedSockets) { +/** If the user wants to constrain socket buffer use, make sure the desired + * limit is between 2k and 256k in k increments. */ +const int minsocksz = 2*1024; +const int maxsocksz = 256*1024; +if (options->ConstrainedSockSize < minsocksz || +options->ConstrainedSockSize > maxsocksz || +options->ConstrainedSockSize % 1024 ) { + r = tor_snprintf(buf, sizeof(buf), + "ConstrainedSockSize is invalid. Must be a value between %d and %d in 1024 byte increments.", + minsocksz, maxsocksz); + *msg = tor_strdup(r >= 0 ? buf : "internal error"); + return -1; +} + } +#endif + if (rend_config_services(options, 1) < 0) REJECT("Failed to configure rendezvous options. See logs for details."); diff -Naur orig-tor-0.1.2.14/src/or/connection.c mod-tor-0.1.2.14/src/or/connection.c --- orig-tor-0.1.2.14/src/or/connection.c 2007-05-25 00:51:40.0 + +++ mod-tor-0.1.2.14/src/or/connection.c 2007-07-11 21:47:00.0 + @@ -27,6 +27,7 @@ static int connection_read_to_buf(connection_t *conn, int *max_to_read); static int connection_process_inbuf(connection_t *conn, int package_partial); static void client_check_address_changed(int sock); +static void set_constrained_socket_buffers(int sock, int si
Re: New Torbutton (1.1.4-alpha)
On Wednesday 11 July 2007 10:10:36 Mike Perry wrote: >. Changing tor > state automatically makes me a little nervous, even if it is only in > the "Tor Enabled" direction.. > If torbutton could request a yes/no response from the user in such situations that would be nice. -- Browse Anonymously Anywhere - http://anonymityanywhere.com TorK- KDE Anonymity Manager - http://tork.sf.net KlamAV - KDE Anti-Virus- http://www.klamav.net
Re: New Torbutton (1.1.4-alpha)
Thus spake Robert Hogan ([EMAIL PROTECTED]): > On Monday 09 July 2007 10:16:55 Mike Perry wrote: > > Feedback, suggestions, and comments are welcome. Especially if someone > > could point out what I'm doing wrong with the OpenSearch Google search > > plugin installations (which are somewhat unrelated, but I figured were > > worth putting up there, since a major usability complaint is "Why do I > > get the damn German/Chinese/etc Google with Tor?"). > > Stop me if this has been suggested before, but would it be worth introducing > an unofficial URI for hidden services that would make them recognisable to > the likes of torbutton? The idea being that the user could 'enable tor' > simply by clicking on a hidden service link rather than the usual jig of > click-servernotfound-back-scratchhead-enabletor-clickagain. > > Is this possible with a firefox plugin or would it be necessary to get the > firefox developers on board? Actually, this is possible a few different ways.. You can create your own protocol handlers, but it might not be necessary. Torbutton already listens to the LocationChange event.. It may be possible just to look to see if the new location has a .onion/ in it, and enable tor if so. But this probably should be pondered for a while.. Changing tor state automatically makes me a little nervous, even if it is only in the "Tor Enabled" direction.. And creating a new protocol prefix for onion sites seems a little sketchy also.. All sorts of compatibility issues are probably hiding in there (not just the obvious problem of adoption). -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpnrJWGU6k9f.pgp Description: PGP signature
Re: New Torbutton (1.1.4-alpha)
On Monday 09 July 2007 10:16:55 Mike Perry wrote: > Feedback, suggestions, and comments are welcome. Especially if someone > could point out what I'm doing wrong with the OpenSearch Google search > plugin installations (which are somewhat unrelated, but I figured were > worth putting up there, since a major usability complaint is "Why do I > get the damn German/Chinese/etc Google with Tor?"). Stop me if this has been suggested before, but would it be worth introducing an unofficial URI for hidden services that would make them recognisable to the likes of torbutton? The idea being that the user could 'enable tor' simply by clicking on a hidden service link rather than the usual jig of click-servernotfound-back-scratchhead-enabletor-clickagain. Is this possible with a firefox plugin or would it be necessary to get the firefox developers on board? It is already possible with konqueror/kde thanks to kioslaves (tork implements a tor: 'URI' that does just this). -- Browse Anonymously Anywhere - http://anonymityanywhere.com TorK- KDE Anonymity Manager - http://tork.sf.net KlamAV - KDE Anti-Virus- http://www.klamav.net
Re: New Torbutton (1.1.4-alpha)
Thus spake Jens Kubieziel ([EMAIL PROTECTED]): > * Mike Perry schrieb am 2007-07-09 um 11:16 Uhr: > > * Cache management > > IMHO there should be check box for managing the cache by yourself. Like > it is at privacy and cookie settings. Is there a good reason behind this wish? The cache can store unique identifiers almost as easily as cookies can.. Though at least it is not used for authentication, I suppose. Is this just not a concern for you, or is ther another extension you prefer to use? -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpP2n76Rfxnv.pgp Description: PGP signature
Re: New Torbutton (1.1.4-alpha)
Thus spake Ryan Wagner ([EMAIL PROTECTED]): > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > I'm very pleased with the new Torbutton version so far. The only thing > that's bothering me is automatically disabling 'Remember passwords for > sites' when tor is toggled on. I'd prefer a way to disable this feature. > Even if logging into sites over tor can be dangerous for anonymity and > the security of the account itself, it's still nice to prevent one's ISP > from retaining a record of goings on. It's possible to manually > re-enable remembering passwords after tor has been toggled on, so it's a > minor inconvenience, really. This is tied in with the history writing setting. The idea was that if you are OK with tor writing out these things, then you are ok with it saving your history and vice-versa. However, this idea may be slightly flawed since you could be concerned about history disclosure attacks from regular websites you visit.. So maybe it should be a seperate option.. -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpqVoEFsxUcP.pgp Description: PGP signature
Re: New Torbutton (1.1.4-alpha)
* Mike Perry schrieb am 2007-07-09 um 11:16 Uhr: > * Cache management IMHO there should be check box for managing the cache by yourself. Like it is at privacy and cookie settings. -- Jens Kubieziel http://www.kubieziel.de FdI#150: SETI Es gibt sicher extraerrestrische Wesen. Daß keine bis jetzt mit Menschen in Kontakt getreten sind, beweist deren Intelligenz. (Michael Sohmen) signature.asc Description: Digital signature