Re: [Tails-dev] [urgent] Tails 0.12 test results (we've got …

Delete this message

Reply to this message
Autor: Ague Mill
Data:  
A: The Tails public development discussion list
Assumpte: Re: [Tails-dev] [urgent] Tails 0.12 test results (we've got a potential blocker)
On Tue, Jun 12, 2012 at 07:21:36PM +0200, anonym wrote:
> > # Claws
> >
> > * Check that the profile works and is torified (specifically the
> > EHLO/HELO SMTP messages it sends). Send an email using Claws and a
> > non-anonymizing SMTP relay. Then check that email's headers once
> > received, especially the `Received:` and `Message-ID:` ones.
> > * Also check that the EHLO/HELO SMTP message is not leaking anything
> > with a packet sniffer: start Claws using the panel icon (which runs
> > `torify claws-mail`) to
> > avoid using the transparent proxy (which will confuse tcpdump).
> > Disable SSL/TLS for SMTP in Claws (so take precautions for not
> > leaking your password in plaintext by either changing it temporarily
> > or using a disposable account). Then run `sudo tcpdump -i lo -w
> > dump` to capture the packets before Tor encrypts it, and check the
> > dump for the HELO/EHLO message and verify that it only contains
> > `localhost`.
>
> We have a regression here. EHLO/HELO messages leaks the hostname
> ('amnesia'), resulting in '*@amnesia' Message IDs, and 'amnesia' in
> the last Received field. I managed to track down the culprit: torsocks.
> We start claws-mail with torify, which uses torsocks over tsocks.
> Switching back to tsocks, like in 0.11 and previous releases, fixes the
> leak.


If tsocks really is good enough, here is a quick and dirty hack, hastly
tested in the wild, no time for a proper patch:

1. Create `/usr/bin/torified-claws-mail` (perm 755) with:

    #!/bin/sh
    TSOCKS_CONF_FILE=/etc/tor/tor-tsocks.conf tsocks.distrib claws-mail


 2. Update .desktop (applications and shortcut icon) to use
    `torified-claws-mail`.


I have only gone so far to look upon /proc/$PID/maps to see that
libtsocks was indeed loaded. I don't know if that fixes the regression
or introduce others.

This is not the nicest, but we have in mind to ditch Claws soon enough.

--
Ague