* * *

Author Topic: Indy setup for nntp thru TOR  (Read 538 times)

lazarus9

  • Jr. Member
  • **
  • Posts: 71
Indy setup for nntp thru TOR
« on: July 29, 2018, 08:36:48 pm »
I need to setup indy to reach an nntp server through TOR.  Here is what I have tried.  I really don't know what I am doing, as you can see.
TOR is running connect to 127.0.0.1:9050


IdNNTP1.Host:  the IP of the nntp server.
IdNNTP1.Port: 563
IdNNTP1.IOHandler: IdSSLIOHandlerSocketOpenSSL1:
IdNNTP1.UseTLS: utNoTLSSupport

IdSSLIOHandlerSocketOpenSSL1.Host:  the IP of the nntp server.
IdSSLIOHandlerSocketOpenSSL1.Port: 563
IdSSLIOHandlerSocketOpenSSL1.TransparentProxy: IdSocksInfo1

IdSocksInfo1.Host: 127.0.0.1
IdSocksInfo1.Port: 9050
IdSocksInfo1.Version: svSocks5

Remy Lebeau

  • Sr. Member
  • ****
  • Posts: 439
    • Lebeau Software
Re: Indy setup for nntp thru TOR
« Reply #1 on: August 01, 2018, 12:11:23 am »
I need to setup indy to reach an nntp server through TOR.  Here is what I have tried.

And, ... what happens when you try it?  Do you get errors?  If so, what are they?

IdNNTP1.IOHandler: IdSSLIOHandlerSocketOpenSSL1:
IdNNTP1.UseTLS: utNoTLSSupport

You don't need to assign a TIdSSLIOHandlerSocketOpenSSL if you are not using SSL/TLS.  You can use a TIdIOHandlerStack instead.

IdSSLIOHandlerSocketOpenSSL1.Host:  the IP of the nntp server.
IdSSLIOHandlerSocketOpenSSL1.Port: 563

You don't need to set those properties manually at all.  Connect() will handle that internally.

IdSSLIOHandlerSocketOpenSSL1.TransparentProxy: IdSocksInfo1

IdSocksInfo1.Host: 127.0.0.1
IdSocksInfo1.Port: 9050
IdSocksInfo1.Version: svSocks5

Looks OK to me.
Remy Lebeau
Lebeau Software - Owner, Developer
Internet Direct (Indy) - Admin, Developer (Support forum)

lazarus9

  • Jr. Member
  • **
  • Posts: 71
Re: Indy setup for nntp thru TOR
« Reply #2 on: August 10, 2018, 02:11:05 pm »
Thanks for answering.  I had given up on getting one.  I ask last year and go no answers.

When I run it, it just sits there doing nothing.  I'll try your suggestions and get back.

The program sends the messages now through a stunnel connection to the nntp server.  I want to make the program do the TLS connection itself, something I haven't been able to get working yet.  I then would like to direct that TLS connection to tor.

lazarus9

  • Jr. Member
  • **
  • Posts: 71
Re: Indy setup for nntp thru TOR
« Reply #3 on: August 10, 2018, 03:17:02 pm »
I discovered that the nntp server has a new ip.  Here is what I doing and getting now:

IdNNTP1.Host:  the IP of the nntp server.
IdNNTP1.Port: 563
IdNNTP1.IOHandler: IdSSLIOHandlerSocketOpenSSL1:
IdNNTP1.UseTLS: utUseRequireTLS

IdSSLIOHandlerSocketOpenSSL1.Host:  the IP of the nntp server. - setup automatically
IdSSLIOHandlerSocketOpenSSL1.Port: 563                                     - setup automatically
IdSSLIOHandlerSocketOpenSSL1.TransparentProxy: IdSocksInfo1

IdSocksInfo1.Host: 127.0.0.1
IdSocksInfo1.Port: 9050
IdSocksInfo1.Version: svSocks4a


The error I get:

Project projectl raised exception class 'EIdSocketError' with message: Socket Error # 10061 Connection refused. 
In file 'source\IdStack.pas' at line 919

It doesn't seem to be going through tor at all, because the error is almost immediate.  My tor connect through 7 nodes and that takes a few seconds.


My stunnel parameters that connect ok are:

[NNTP1]
accept = 127.0.0.1:129
connect = the.nntp.server.ip:563

-------------------------------------------

When trying to connect directly to the nntp server without tor:

IdNNTP1.Host:  the IP of the nntp server.
IdNNTP1.Port: 119
IdNNTP1.IOHandler: IdSSLIOHandlerSocketOpenSSL1:
IdNNTP1.UseTLS: utUseRequireTLS

IdSSLIOHandlerSocketOpenSSL1.Host:  the IP of the nntp server. - setup automatically
IdSSLIOHandlerSocketOpenSSL1.Port: 563                                     - setup automatically
IdSSLIOHandlerSocketOpenSSL1.TransparentProxy: IdSSLIOHandlerSocketOpenSSL1


The error I get:

Project projectl raised exception class 'EIdOSSLCouldNotLoadSSLLibrary' with message: Could not load SSL library. 
In file 'sourceUdSSLOpenSSLpas' at line 3055  3055

Is there a required DLL I need to move into the executable folder?

lazarus9

  • Jr. Member
  • **
  • Posts: 71
Re: Indy setup for nntp thru TOR
« Reply #4 on: August 10, 2018, 04:14:08 pm »
The error message in IdSSLIOHandlerSocketOpenSSL1 says:

  //an exception here probably means that you are using the wrong version
  //of the openssl libraries. refer to comments at the top of this file.

  I tried replacing the old OpenSSL with the newest one, but it doesn't help.

Remy Lebeau

  • Sr. Member
  • ****
  • Posts: 439
    • Lebeau Software
Re: Indy setup for nntp thru TOR
« Reply #5 on: August 11, 2018, 02:53:42 am »
IdNNTP1.Host:  the IP of the nntp server.

Why are you using an IP address?  Doesn't the server have a static hostname that resolves to its current IP?

IdNNTP1.Port: 563
IdNNTP1.UseTLS: utUseRequireTLS

On port 563, use utUseImplicitTLS instead (use utUseExplicitTLS on port 119).

IdSocksInfo1.Version: svSocks4a

Why SOCKS v4a and no v5?

Project projectl raised exception class 'EIdSocketError' with message: Socket Error # 10061 Connection refused. 

"Connection refused" means either:

- the client tried to connect to an IP/Port that is not listening for connections.

- the IP/Port is listening, but has too many pending connections. Try again later.

- the connection was blocked, usually by a firewall, router, or antivirus.

Since you hooked up a SOCKS proxy to the NNTP connection, the error would mean that Indy could not connect to the proxy.

IdNNTP1.Port: 119
IdNNTP1.UseTLS: utUseRequireTLS

Use utUseExplicitTLS on port 119.  Stop using utUseRequireTLS on the client side, it doesn't mean what you think it means.  Stick with either utNoTLSSupport, utUseImplicitTLS or utUseExplicitTLS only.

IdSSLIOHandlerSocketOpenSSL1.TransparentProxy: IdSSLIOHandlerSocketOpenSSL1

I assume that is a typo, because you can't connect an SSLIOHandler as a proxy for an SSLIOHandler.

Project projectl raised exception class 'EIdOSSLCouldNotLoadSSLLibrary' with message: Could not load SSL library. 

Indy has a WhichFailedToLoad() function in the IdSSLOpenSSLHeaders unit.  If the OpenSSL library fails to load, you can then call WhichFailedToLoad() to find out why it failed.

Is there a required DLL I need to move into the executable folder?

Yes.  OpenSSL uses SSLEAY32.DLL and LIBEAY32.DLL, which you can download from http://indy.fulgan.com/SSL/.
Remy Lebeau
Lebeau Software - Owner, Developer
Internet Direct (Indy) - Admin, Developer (Support forum)

lazarus9

  • Jr. Member
  • **
  • Posts: 71
Re: Indy setup for nntp thru TOR
« Reply #6 on: August 11, 2018, 07:50:46 pm »
> Why are you using an IP address?  Doesn't the server have a static hostname that resolves to its current IP?

My coputer uses DSNCrypt and it won't resolve my own programs.

> IdNNTP1.Port: 563
> IdNNTP1.UseTLS: utUseRequireTLS

  Changed this.

> On port 563, use utUseImplicitTLS instead (use utUseExplicitTLS on port 119).

  Yes, I see it auto puts in 563.

> Why SOCKS v4a and no v5?

  Changed, was not familiar with v5.

> Connection refused" means either:

  Had another error concerning v3, so went to sslVersion sslvTLSv1_2.

> Since you hooked up a SOCKS proxy to the NNTP connection, the error would mean that Indy could not connect to the proxy.

> IdNNTP1.Port: 119
> IdNNTP1.UseTLS: utUseRequireTLS

> Use utUseExplicitTLS on port 119.  Stop using utUseRequireTLS on the client side, it doesn't mean what you think it means.  Stick with either utNoTLSSupport, utUseImplicitTLS or utUseExplicitTLS only.

> IdSSLIOHandlerSocketOpenSSL1.TransparentProxy: IdSSLIOHandlerSocketOpenSSL1
> I assume that is a typo, because you can't connect an SSLIOHandler as a proxy for an SSLIOHandler.

  It was put in there automatically.  Must need something in that parameter.

> Project projectl raised exception class 'EIdOSSLCouldNotLoadSSLLibrary' with message: Could not load SSL library. 
> Indy has a WhichFailedToLoad() function in the IdSSLOpenSSLHeaders unit.  If the OpenSSL library fails to load, you can then call WhichFailedToLoad() to find out why it failed.
> Is there a required DLL I need to move into the executable folder?
> Yes.  OpenSSL uses SSLEAY32.DLL and LIBEAY32.DLL, which you can download from http://indy.fulgan.com/SSL/.

  Changed to above, downloaded openssl-1.0.2o-x64_86-win64 and placed it in the program folder.

  and SUCCESS!!!  As I said, I really didn't know how to do this with Indy.  Have tried many times.

  Thank you very much!
« Last Edit: August 11, 2018, 07:52:32 pm by lazarus9 »

 

Recent

Get Lazarus at SourceForge.net. Fast, secure and Free Open Source software downloads Open Hub project report for Lazarus