gnu/packages/tor.scm

   1 ;;; GNU Guix --- Functional package management for GNU
   2 ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
   3 ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
   4 ;;; Copyright © 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il>
   5 ;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
   6 ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
   7 ;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org>
   8 ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
   9 ;;;
  10 ;;; This file is part of GNU Guix.
  11 ;;;
  12 ;;; GNU Guix is free software; you can redistribute it and/or modify it
  13 ;;; under the terms of the GNU General Public License as published by
  14 ;;; the Free Software Foundation; either version 3 of the License, or (at
  15 ;;; your option) any later version.
  16 ;;;
  17 ;;; GNU Guix is distributed in the hope that it will be useful, but
  18 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
  19 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20 ;;; GNU General Public License for more details.
  21 ;;;
  22 ;;; You should have received a copy of the GNU General Public License
  23 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
  24
  25 (define-module (gnu packages tor)
  26   #:use-module ((guix licenses) #:prefix license:)
  27   #:use-module (guix packages)
  28   #:use-module (guix download)
  29   #:use-module (guix git-download)
  30   #:use-module (guix build-system gnu)
  31   #:use-module (guix build-system python)
  32   #:use-module (gnu packages)
  33   #:use-module (gnu packages base)
  34   #:use-module (gnu packages libevent)
  35   #:use-module (gnu packages linux)
  36   #:use-module (gnu packages check)
  37   #:use-module (gnu packages compression)
  38   #:use-module (gnu packages pcre)
  39   #:use-module (gnu packages pkg-config)
  40   #:use-module (gnu packages python)
  41   #:use-module (gnu packages python-web)
  42   #:use-module (gnu packages qt)
  43   #:use-module (gnu packages autotools)
  44   #:use-module (gnu packages tls)
  45   #:use-module (gnu packages w3m))
  46
  47 (define-public tor
  48   (package
  49     (name "tor")
  50     (version "0.3.4.9")
  51     (source (origin
  52              (method url-fetch)
  53              (uri (string-append "https://dist.torproject.org/tor-"
  54                                  version ".tar.gz"))
  55              (sha256
  56               (base32
  57                "0jhnvnp08hsfrzgsvg5xnfxyaw3nzgg9h24cwbwnz6iby20i05qs"))))
  58     (build-system gnu-build-system)
  59     (arguments
  60      `(#:configure-flags (list "--enable-gcc-hardening"
  61                                "--enable-linker-hardening")))
  62     (native-inputs
  63      `(("pkg-config" ,pkg-config)
  64        ("python" ,python-2)))           ; for tests
  65     (inputs
  66      `(("zlib" ,zlib)
  67        ("openssl" ,openssl)
  68        ("libevent" ,libevent)
  69        ("libseccomp" ,libseccomp)
  70        ("xz" ,xz)
  71        ("zstd" ,zstd)))
  72     (home-page "https://www.torproject.org/")
  73     (synopsis "Anonymous network router to improve privacy on the Internet")
  74     (description
  75      "Tor protects you by bouncing your communications around a distributed
  76 network of relays run by volunteers all around the world: it prevents
  77 somebody watching your Internet connection from learning what sites you
  78 visit, and it prevents the sites you visit from learning your physical
  79 location.  Tor works with many of your existing applications, including
  80 web browsers, instant messaging clients, remote login, and other
  81 applications based on the TCP protocol.
  82
  83 To @code{torify} applications (to take measures to ensure that an application,
  84 which has not been designed for use with Tor such as ssh, will use only Tor for
  85 internet connectivity, and also ensures that there are no leaks from DNS, UDP or
  86 the application layer) you need to install @code{torsocks}.")
  87     (license license:bsd-3)))
  88
  89 (define-public torsocks
  90   (package
  91     (name "torsocks")
  92     (version "2.2.0")
  93     (source (origin
  94               (method url-fetch)
  95               (uri (string-append "https://people.torproject.org/~dgoulet/"
  96                                   name "/" name "-" version ".tar.xz"))
  97               (sha256
  98                (base32
  99                 "0byr9ga9w79qz4vp0m11sbmspad7fsal9wm67r4znzb7zb7cis19"))))
 100     (build-system gnu-build-system)
 101     (inputs
 102      `(("which" ,which)
 103        ("libcap" ,libcap)))
 104     (arguments
 105      `(#:phases (modify-phases %standard-phases
 106                   (add-after 'build 'absolutize
 107                     (lambda* (#:key inputs #:allow-other-keys)
 108                       (substitute* "src/bin/torsocks"
 109                         (("getcap=`.*`")
 110                          (string-append "getcap=" (which "getcap")))
 111                         (("`which")
 112                          (string-append "`" (which "which"))))
 113                       #t)))))
 114     (home-page "https://www.torproject.org/")
 115     (synopsis "Use socks-friendly applications with Tor")
 116     (description
 117      "Torsocks allows you to use most socks-friendly applications in a safe
 118 way with Tor.  It ensures that DNS requests are handled safely and explicitly
 119 rejects UDP traffic from the application you're using.")
 120
 121     ;; All the files explicitly say "version 2 only".
 122     (license license:gpl2)))
 123
 124 (define-public privoxy
 125   (package
 126     (name "privoxy")
 127     (version "3.0.26")
 128     (source (origin
 129              (method url-fetch)
 130              (uri (string-append "mirror://sourceforge/ijbswa/Sources/"
 131                                  version "%20%28stable%29/privoxy-"
 132                                  version "-stable-src.tar.gz"))
 133              (sha256
 134               (base32
 135                "1n4wpxmahl8m2y3d1azxa8lrdbpaad007k458skxrpz57ss1br2p"))))
 136     (build-system gnu-build-system)
 137     (arguments
 138      '(;; The default 'sysconfdir' is $out/etc; change that to
 139        ;; $out/etc/privoxy.
 140        #:configure-flags (list (string-append "--sysconfdir="
 141                                               (assoc-ref %outputs "out")
 142                                               "/etc/privoxy"))
 143        #:phases
 144        (modify-phases %standard-phases
 145          (add-after 'unpack 'autoconf
 146            (lambda _
 147              ;; Unfortunately, this is not a tarball produced by
 148              ;; "make dist".
 149              (invoke "autoreconf" "-vfi")
 150              #t)))
 151        #:tests? #f))
 152     (inputs
 153      `(("w3m" ,w3m)
 154        ("pcre" ,pcre)
 155        ("zlib" ,zlib)
 156        ("autoconf" ,autoconf)
 157        ("automake" ,automake)))
 158     (home-page "https://www.privoxy.org")
 159     (synopsis "Web proxy with advanced filtering capabilities for enhancing privacy")
 160     (description
 161      "Privoxy is a non-caching web proxy with advanced filtering capabilities
 162 for enhancing privacy, modifying web page data and HTTP headers, controlling
 163 access, and removing ads and other obnoxious Internet junk.  Privoxy has a
 164 flexible configuration and can be customized to suit individual needs and
 165 tastes.  It has application for both stand-alone systems and multi-user
 166 networks.")
 167     (license license:gpl2+)))
 168
 169 (define-public onionshare
 170   (package
 171     (name "onionshare")
 172     (version "0.9.2")
 173     (source
 174       (origin
 175         (method url-fetch)
 176         (uri (string-append "https://github.com/micahflee/onionshare/archive/v"
 177                             version ".tar.gz"))
 178         (file-name (string-append name "-" version ".tar.gz"))
 179         (sha256
 180          (base32
 181           "02iv7dg15da57gy3zvfchnwwpr21n1gva7mqwpwr958ni2034smk"))))
 182     (build-system python-build-system)
 183     (arguments
 184      `(#:phases
 185        (modify-phases %standard-phases
 186          (add-after 'unpack 'fix-install-path
 187            (lambda* (#:key outputs #:allow-other-keys)
 188              (let* ((out        (assoc-ref outputs "out"))
 189                     (onionshare (string-append out "/share/onionshare")))
 190                (substitute* "onionshare/strings.py"
 191                  ;; correct the locale directory
 192                  (("helpers.get_resource_path\\('locale'\\)")
 193                   (string-append "'" onionshare "/locale'")))
 194                (substitute* "onionshare/helpers.py"
 195                  ;; correct the location of version.txt
 196                  (("get_resource_path\\('version.txt'\\)")
 197                   (string-append "'" onionshare "/version.txt'"))
 198                  (("get_resource_path\\('wordlist.txt'\\)")
 199                   (string-append "'" onionshare "/wordlist.txt'")))
 200                (substitute* "onionshare/web.py"
 201                  ;; fix the location of the html files
 202                  (("helpers.get_resource_path\\('html/denied.html'\\)")
 203                   (string-append "'" onionshare "/html/denied.html'"))
 204                  (("helpers.get_resource_path\\('html/404.html'\\)")
 205                   (string-append "'" onionshare "/html/404.html'"))
 206                  (("helpers.get_resource_path\\('html/index.html'\\)")
 207                   (string-append "'" onionshare "/html/index.html'")))
 208                (substitute* "onionshare_gui/file_selection.py"
 209                  ;; fancy box image in the GUI
 210                  (("helpers.get_resource_path\\('images/drop_files.png'\\)")
 211                   (string-append "'" onionshare "/images/drop_files.png'")))
 212                (substitute* "onionshare_gui/server_status.py"
 213                  (("helpers.get_resource_path\\('images/server_stopped.png'\\)")
 214                   (string-append "'" onionshare "/images/server_stopped.png'"))
 215                  (("helpers.get_resource_path\\('images/server_working.png'\\)")
 216                   (string-append "'" onionshare "/images/server_working.png'"))
 217                  (("helpers.get_resource_path\\('images/server_started.png'\\)")
 218                   (string-append "'" onionshare "/images/server_started.png'")))
 219                (substitute* "onionshare_gui/onionshare_gui.py"
 220                   ;; for the icon on the GUI
 221                  (("helpers.get_resource_path\\('images/logo.png'\\)")
 222                   (string-append "'" onionshare "/images/logo.png'")))
 223                (substitute* '("setup.py" "onionshare/helpers.py")
 224                  (("sys.prefix,") (string-append "'" out "',")))
 225                (substitute* "setup.py"
 226                  ;; for the nautilus plugin
 227                  (("/usr/share/nautilus") "share/nautilus"))
 228              #t)))
 229          (delete 'check)
 230          (add-before 'strip 'tests
 231            ;; After all the patching we run the tests after installing.
 232            ;; This is also a known issue:
 233            ;; https://github.com/micahflee/onionshare/issues/284
 234            (lambda _
 235              (invoke "nosetests" "test")
 236              #t)))))
 237     (native-inputs
 238      `(("python-nose" ,python-nose)))
 239     (inputs
 240      `(("python-flask" ,python-flask)
 241        ("python-nautilus" ,python-nautilus)
 242        ("python-sip" ,python-sip)
 243        ("python-stem" ,python-stem)
 244        ("python-pyqt" ,python-pyqt)))
 245     (home-page "https://onionshare.org/")
 246     (synopsis "Securely and anonymously share files")
 247     (description "OnionShare lets you securely and anonymously share files of
 248 any size.  It works by starting a web server, making it accessible as a Tor
 249 hidden service, and generating an unguessable URL to access and download the
 250 files.  It doesn't require setting up a server on the internet somewhere or
 251 using a third party filesharing service.  You host the file on your own computer
 252 and use a Tor hidden service to make it temporarily accessible over the
 253 internet.  The other user just needs to use Tor Browser to download the file
 254 from you.")
 255     (license (list license:gpl3+
 256                    license:bsd-3))))    ; onionshare/socks.py
 257
 258 (define-public nyx
 259   (package
 260     (name "nyx")
 261     (version "2.0.4")
 262     (source
 263      (origin
 264        (method url-fetch)
 265        (uri (pypi-uri name version))
 266        (patches
 267         (search-patches "nyx-show-header-stats-with-python3.patch"))
 268        (sha256
 269         (base32
 270          "0pm7vfcqr02pzqz4b2f6sw5prxxmgqwr1912am42xmy2i53n7nrq"))))
 271     (build-system python-build-system)
 272     (inputs
 273      `(("python-stem" ,python-stem)))
 274     (arguments
 275      `(#:phases
 276        (modify-phases %standard-phases
 277          (add-after 'install 'install-man-page
 278            (lambda* (#:key outputs #:allow-other-keys)
 279              (let* ((out (assoc-ref outputs "out"))
 280                     (man (string-append out "/share/man")))
 281                (install-file "nyx.1" (string-append man "/man1"))
 282                #t)))
 283          (add-after 'install 'install-sample-configuration
 284            (lambda* (#:key outputs #:allow-other-keys)
 285              (let* ((out (assoc-ref outputs "out"))
 286                     (doc (string-append out "/share/doc/" ,name "-" ,version)))
 287                (install-file "web/nyxrc.sample" doc)
 288                #t))))
 289        ;; XXX The tests seem to require more of a real terminal than the build
 290        ;; environment provides:
 291        ;;   _curses.error: setupterm: could not find terminal
 292        ;; With TERM=linux, the tests try to move the cursor and still fail:
 293        ;;   _curses.error: cbreak() returned ERR
 294        #:tests? #f))
 295     (home-page "https://nyx.torproject.org/")
 296     (synopsis "Tor relay status monitor")
 297     (description
 298      "Nyx monitors the performance of relays participating in the
 299 @uref{https://www.torproject.org/, Tor anonymity network}.  It displays this
 300 information visually and in real time, using a curses-based terminal interface.
 301 This makes Nyx well-suited for remote shell connections and servers without a
 302 graphical display.  It's like @command{top} for Tor, providing detailed
 303 statistics and status reports on:
 304
 305 @enumerate
 306 @item connections (with IP address, hostname, fingerprint, and consensus data),
 307 @item bandwidth, processor, and memory usage,
 308 @item the relay's current configuration,
 309 @item logged events,
 310 @item and much more.
 311 @end enumerate
 312
 313 Potential client and exit connections are scrubbed of sensitive information.")
 314     (license license:gpl3+)))