Commit 70c2c590 authored by Tails developers

Remove all traces of Polipo: we don't use it anymore (Closes: #5379, #6115).

parent 5100f350
......@@ -849,7 +849,6 @@ sbin/startpar 31635
etc/init.d/.depend.start 31634
etc/init.d/rsyslog 31633
etc/init.d/motd 31632
etc/init.d/polipo 31631
etc/init.d/sudo 31630
etc/default/rsyslog 31629
etc/init.d/tails-set-wireless-devices-state 31628
......@@ -860,18 +859,14 @@ etc/init.d/virtualbox-guest-utils 31624
etc/init.d/open-vm-tools 31623
usr/bin/vmware-checkvm 31621
usr/lib/libvmtools.so.0.0.0 31620
usr/lib/polipo/polipo-control 31619
sbin/start-stop-daemon 31618
usr/lib/i386-linux-gnu/libicui18n.so.48.1.1 31617
usr/sbin/rsyslogd 31616
usr/bin/polipo 31615
usr/local/bin/tails-get-bootinfo 31614
etc/polipo/config 31613
etc/memlockd.cfg 31612
usr/local/bin/tails-boot-to-kexec 31611
usr/local/sbin/tails-set-wireless-devices-state 31610
usr/local/sbin/tor-controlport-filter 31609
etc/polipo/forbidden 31608
etc/default/kexec 31607
usr/sbin/rfkill 31606
usr/lib/python2.7/socket.py 31605
......
......@@ -24,7 +24,6 @@ laptop-mode
memlockd
network-manager
plymouth
polipo
pulseaudio
resolvconf
saned
......
http_proxy=http://127.0.0.1:8118
HTTP_PROXY=http://127.0.0.1:8118
https_proxy=http://127.0.0.1:8118
HTTPS_PROXY=http://127.0.0.1:8118
SOCKS_SERVER=127.0.0.1:9050
SOCKS5_SERVER=127.0.0.1:9050
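Review bot: Removing the `http_proxy`/`HTTP_PROXY`/`https_proxy`/`HTTPS_PROXY` assignments, which appear to be the deleted lines here, drops the defence-in-depth layer that the design documentation deleted in this same commit describes for the case where the firewall is buggy or not started: proxy-aware programs that ignore the GNOME settings and are not torified will now attempt direct connections and rely on the firewall alone. If that is the intent, the removal of the Proxy design page should be matched by a sentence in the Tor enforcement page stating that no HTTP proxy variables are set and why; if not, the variables could instead point at a local port nothing listens on, so such programs fail closed. The remaining `SOCKS_SERVER`/`SOCKS5_SERVER` lines keep that layer only for SOCKS-aware tools. The hunk header for this file is not shown, so the exact removed set is inferred.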
......
......@@ -80,12 +80,6 @@ domain ip {
mod owner uid-owner amnesia ACCEPT;
}
# White-list access to polipo
daddr 127.0.0.1 proto tcp syn dport 8118 {
mod owner uid-owner root ACCEPT;
mod owner uid-owner amnesia ACCEPT;
}
# White-list access to I2P services for the amnesia user (IRC, SAM, POP3, SMTP, and Monotone)
# For more information, see https://tails/boum.org/contribute/design/I2P and https://geti2p.net/ports
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (6668 7656 7659 7660 8998) {
......
# Sample configuration file for Polipo. -*-sh-*-
# You should not need to edit this configuration file; all configuration
# variables have reasonable defaults.
# This file only contains some of the configuration variables; see the
# list given by ``polipo -v'' and the manual for more.
### Basic configuration
### *******************
# Uncomment one of these if you want to allow remote clients to
# connect:
# proxyAddress = "::0" # both IPv4 and IPv6
# proxyAddress = "0.0.0.0" # IPv4 only
proxyAddress = "127.0.0.1"
proxyPort = 8118
# If you are enabling 'proxyAddress' above, then you want to enable the
# 'allowedClients' variable to the address of your network, e.g.
# allowedClients = 127.0.0.1, 192.168.42.0/24
allowedClients = 127.0.0.1
allowedPorts = 1-65535
# Uncomment this if you want your Polipo to identify itself by
# something else than the host name:
proxyName = "localhost"
# Uncomment this if there's only one user using this instance of Polipo:
cacheIsShared = false
# Uncomment this if you want to use a parent proxy:
# parentProxy = "squid.example.org:3128"
# Uncomment this if you want to use a parent SOCKS proxy:
socksParentProxy = "127.0.0.1:9050"
socksProxyType = socks5
### Memory
### ******
# Uncomment this if you want Polipo to use a ridiculously small amount
# of memory (a hundred C-64 worth or so):
# chunkHighMark = 819200
# objectHighMark = 128
# Uncomment this if you've got plenty of memory:
# chunkHighMark = 50331648
# objectHighMark = 16384
chunkHighMark = 67108864
### On-disk data
### ************
# Uncomment this if you want to disable the on-disk cache:
diskCacheRoot = ""
# Uncomment this if you want to put the on-disk cache in a
# non-standard location:
# diskCacheRoot = "~/.polipo-cache/"
# Uncomment this if you want to disable the local web server:
localDocumentRoot = ""
# Uncomment this if you want to enable the pages under /polipo/index?
# and /polipo/servers?. This is a serious privacy leak if your proxy
# is shared.
# disableIndexing = false
# disableServersList = false
disableLocalInterface = true
disableConfiguration = true
### Domain Name System
### ******************
# Uncomment this if you want to contact IPv4 hosts only (and make DNS
# queries somewhat faster):
#
# dnsQueryIPv6 = no
# Uncomment this if you want Polipo to prefer IPv4 to IPv6 for
# double-stack hosts:
#
# dnsQueryIPv6 = reluctantly
# Uncomment this to disable Polipo's DNS resolver and use the system's
# default resolver instead. If you do that, Polipo will freeze during
# every DNS query:
dnsUseGethostbyname = yes
### HTTP
### ****
# Uncomment this if you want to enable detection of proxy loops.
# This will cause your hostname (or whatever you put into proxyName
# above) to be included in every request:
disableVia = true
# Uncomment this if you want to slightly reduce the amount of
# information that you leak about yourself:
censoredHeaders = from,accept-language,x-pad,link
censorReferer = maybe
# Uncomment this if you're paranoid. This will break a lot of sites,
# though:
# censoredHeaders = set-cookie, cookie, cookie2, from, accept-language
# censorReferer = true
# Uncomment this if you want to use Poor Man's Multiplexing; increase
# the sizes if you're on a fast line. They should each amount to a few
# seconds' worth of transfer; if pmmSize is small, you'll want
# pmmFirstSize to be larger.
# Note that PMM is somewhat unreliable.
# pmmFirstSize = 16384
# pmmSize = 8192
# Uncomment this if your user-agent does something reasonable with
# Warning headers (most don't):
# relaxTransparency = maybe
# Uncomment this if you never want to revalidate instances for which
# data is available (this is not a good idea):
# relaxTransparency = yes
# Uncomment this if you have no network:
# proxyOffline = yes
# Uncomment this if you want to avoid revalidating instances with a
# Vary header (this is not a good idea):
# mindlesslyCacheVary = true
# Suggestions from Incognito configuration
maxConnectionAge = 5m
maxConnectionRequests = 120
serverMaxSlots = 8
serverSlots = 2
tunnelAllowedPorts = 1-65535
// As suggested in TBB's start-tor-browser script for system-wide Tor
// instances
pref("extensions.torbutton.banned_ports", "631,6136,4444,4445,6668,7656,7657,7658,7659,7660,8998,8118,9040,9050,9061,9062,9150,9052");
pref("extensions.torbutton.banned_ports", "631,6136,4444,4445,6668,7656,7657,7658,7659,7660,8998,9040,9050,9061,9062,9150,9052");
pref("extensions.torbutton.custom.socks_host", "127.0.0.1");
pref("extensions.torbutton.custom.socks_port", 9150);
pref("extensions.torbutton.launch_warning", false);
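Review bot: The comment `// As suggested in TBB's start-tor-browser script for system-wide Tor instances` above `banned_ports` no longer describes the list once 8118 is dropped from it locally; a reader comparing it against TBB's script will see a mismatch with no explanation. Suggest `// Based on the banned_ports list in TBB's start-tor-browser script for system-wide Tor instances, minus ports of services Tails no longer runs (8118 was polipo).` The hunk header for this file is not shown, so the surrounding context is inferred.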
......
......@@ -37,9 +37,3 @@ $IP6T -F
$IP6T -P INPUT ACCEPT
$IP6T -P FORWARD ACCEPT
$IP6T -P OUTPUT ACCEPT
echo "You might want to unset http_proxy and HTTP_PROXY environment variables as well:"
echo " unset http_proxy"
echo " unset https_proxy"
echo " unset HTTP_PROXY"
echo " unset HTTPS_PROXY"
......@@ -200,7 +200,6 @@ pinentry-gtk2
pitivi
plymouth
poedit
polipo
ppp
pulseaudio
pwgen
......
Tails specific: no need to stop properly on shutdown.
--- chroot.orig/etc/init.d/polipo 2012-09-24 10:05:13.173051981 +0200
+++ chroot/etc/init.d/polipo 2012-09-24 10:47:23.717869294 +0200
@@ -7,1 +7,1 @@
-# Default-Stop: 0 1 6
+# Default-Stop:
......@@ -100,18 +100,13 @@ Then /^I cannot configure the Unsafe Browser to use any local proxies$/ do
# @screen.waitVanish('UnsafeBrowserPreferences.png', 10)
sleep 0.5
http_proxy = 'x' # Alt+x is the shortcut to select http proxy
socks_proxy = 'c' # Alt+c for socks proxy
no_proxy = 'y' # Alt+y for no proxy
# Note: the loop below depends on that http_proxy is done after any
# other proxy types since it will set "Use this proxy server for all
# protocols", which will make the other proxy types unselectable.
proxies = [[socks_proxy, 9050],
[socks_proxy, 9061],
[socks_proxy, 9062],
[socks_proxy, 9150],
[http_proxy, 8118],
[no_proxy, 0]]
proxies.each do |proxy|
......@@ -132,8 +127,6 @@ Then /^I cannot configure the Unsafe Browser to use any local proxies$/ do
# Configure the proxy
@screen.type(proxy_type, Sikuli::KeyModifier.ALT) # Select correct proxy type
@screen.type("127.0.0.1" + Sikuli::Key.TAB + "#{proxy_port}") if proxy_type != no_proxy
# For http proxy we set "Use this proxy server for all protocols"
@screen.type("s", Sikuli::KeyModifier.ALT) if proxy_type == http_proxy
# Close settings
@screen.type(Sikuli::Key.ENTER)
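Review bot: Dropping the `[http_proxy, 8118]` entry in the first hunk leaves the HTTP proxy type of the Unsafe Browser preferences dialog unexercised, although the step is named "I cannot configure the Unsafe Browser to use any local proxies". Removing the polipo port is right, but the HTTP path can still be covered by pointing it at a Tor port the step already expects to be refused, e.g. `[http_proxy, 9050],` kept as the entry before `[no_proxy, 0]`, with the `http_proxy = 'x'` shortcut and the ordering note restored, since the "Use this proxy server for all protocols" line removed in the second hunk is what forces it to come last. If a SOCKS-only list is intended, the `if proxy_type != no_proxy` guard in the second hunk is now the only reason the `[no_proxy, 0]` sentinel survives, which deserves a one-line comment. The enclosing `Then` step begins and ends outside both hunks.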
......
......@@ -675,7 +675,7 @@ Critical parts of the configuration are based on the ones from
well-known and trusted sources, namely Tails ancestor
[Incognito](http://www.browseanonymouslyanywhere.com/incognito/)
and the [Tor BrowserBundle](https://www.torproject.org/projects/torbrowser.html.en).
This is for example the case for the firewall, polipo and Tor configurations.
This is for example the case for the firewall and Tor configurations.
**NOTICE**: this distribution is provided as-is with no warranty of
fitness for a particular purpose, including total anonymity. Anonymity
......@@ -715,8 +715,6 @@ extension).
that the Debian distribution does not provide or endorse Tails.
- [Tor](http://www.torproject.org/): anonymizing overlay network for
TCP. Our intention is to always use the latest stable version.
- [polipo](http://www.pps.jussieu.fr/%7Ejch/software/polipo/):
Caching web proxy.
- [Vidalia](https://www.torproject.org/projects/vidalia) is used
to control Tor's behavior.
......@@ -1218,7 +1216,7 @@ applications being exploited by attackers.
We wrap `wget` with `torsocks`, after unsetting the `http_proxy`
environment variable and friends, so that it talks directly to the Tor
SOCKS port instead of going through Polipo.
SOCKS port.
- [[!tails_gitweb config/chroot_local-includes/usr/local/bin/wget]]
......
......@@ -10,11 +10,6 @@ DNS
[[!inline pages="contribute/design/Tor_enforcement/DNS" raw=yes]]
HTTP Proxy
==========
[[!inline pages="contribute/design/Tor_enforcement/Proxy" raw=yes]]
Network filter
==============
......
One serious security issue is that we don't know what software will
attempt to contact the network and whether their proxy settings are
set up to use the Tor SOCKS proxy or polipo HTTP(s) proxy correctly.
set up to use the Tor SOCKS proxy correctly.
This is solved by blocking all outbound Internet traffic except Tor
(and I2P when enabled), and explicitly configure all applications to use either of
these.
......
Polipo provides with caching HTTP proxy functionality. It contacts the
Tor software via SOCKS5 to make the real connections: [[!tails_gitweb
config/chroot_local-includes/etc/polipo/config]].
In case the firewall is buggy or not properly started, proxy settings
are used as part of a defence in depth strategy:
- The standard `http_proxy` and `HTTP_PROXY` environment variables are
globally set in [[!tails_gitweb
config/chroot_local-includes/etc/environment]] to point to Polipo.
......@@ -140,12 +140,12 @@ tracked by tickets prefixed with `todo/test_suite:`.
* Check that the firewall-level Tor enforcement is effective:
- check output of `iptables -L -n -v`
- check output of `iptables -t nat -L -n -v`
- try connecting to the Internet after unsetting `$http_proxy` and
`$HTTP_PROXY` using a piece of software that does not obey the
- try connecting to the Internet after unsetting `$SOCKS_SERVER` and
`$SOCKS5_SERVER` using a piece of software that does not obey the
GNOME proxy settings, *and* is not explicitly torified in Tails:
unset http_proxy ; unset HTTP_PROXY
wget --no-proxy http://monip.org/
unset SOCKS_SERVER ; unset SOCKS5_SERVER
curl --noproxy '*' http://monip.org/
... should only give you "Connection refused" error message.
* Check that IPv6 traffic is blocked:
......@@ -268,14 +268,6 @@ the appropriate tcpdump or tshark filters.
* Make sure other applications use the default system-wide
`SocksPort`:
- Polipo — run:
wget https://tails.boum.org/
... with the following command running in another terminal:
sudo watch -n 0.1 'netstat -taupen | grep polipo'
- Gobby 0.5 — start Gobby 0.5 from the *Applications* menu and
connect to a server (for example `gobby.debian.org`), with the following command running in
another terminal:
......