[bug#70341] [PATCH v7] services: tor: Add support for pluggable transports.

[Ludovic Courtès]

Hi Nigko,

Nigko Yerden <nigko.yerden@gmail.com> skribis:

> Pluggable transports are programs that disguise Tor traffic, which
> can be useful in case Tor is censored.  Pluggable transports
> cannot be configured by #:config-file file exclusively because Tor
> process is run via 'least-authority-wrapper' and cannot have access
> to transport plugin, which is a separate executable (Bug#70302,
> Bug#70332).
>
> Example configuration snippet to be appended to
> operation-system services
> (see https://bridges.torproject.org/ to get
> full bridge's lines):
>
> (service tor-service-type
>        (tor-configuration
>         (config-file (plain-file "torrc"
>                                  "\
> UseBridges 1
> Bridge obfs4 ...
> Bridge obfs4 ..."))
>         (transport-plugins
>          (list (tor-transport-plugin
>                 (path-to-binary
>                  (file-append
>                   
> go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
>                   "/bin/lyrebird")))))))
>
> * doc/guix.texi (Networking Services): Document 'tor-transport-plugin'
> data type and 'transport-plugins' option for 'tor-configuration.
> * gnu/services/networking.scm: Export
> 'tor-configuration-transport-plugins', 'tor-transport-plugin',
> 'tor-transport-plugin?', 'tor-transport-plugin-role',
> 'tor-transport-plugin-protocol', and 'tor-transport-plugin-path'.
> (<tor-configuration>): Add 'transport-plugins' field.
> (<tor-transport-plugin>): New variable.
> (tor-configuration->torrc): Add content to 'torrc' computed-file.
> (tor-shepherd-service): Add file-system-mapping(s).
>
> Change-Id: I1b0319358778c7aee650bc843e021a6803a1cf3a

[...]

> +Each transport plugin corresponds either to
> +``ClientTransportPlugin ...'' or to
> +``ServerTransportPlugin ...'' line in the default

Maybe use @code{…} instead of quotes above.

Could you perhaps move the example from the commit log to doc/guix.texi,
enclosed in @lisp, and with one or two sentences explaining what it
does?

> +configuration file, see the @code{man tor}.

Rather: “see @command{man tor}.”

> +(define-record-type* <tor-transport-plugin>
> +  tor-transport-plugin make-tor-transport-plugin
> +  tor-transport-plugin?
> +  (role           tor-transport-plugin-role
> +               (default 'client)
> +               (sanitize (lambda (value)
> +                           (if (memq value '(client server))
> +                               value
> +                               (configuration-field-error #f 'role value)))))
> +  (protocol       tor-transport-plugin-protocol
> +               (default "obfs4"))
> +  (path-to-binary tor-transport-plugin-path))

Rather: (program tor-plugin-program)

The doc needs to be updated as well.

(By convention, in Guix and GNU, “path” refers to “search paths” like
$PATH or $PYTHONPATH; to avoid the ambiguity, we use the term “file
name” or something along these lines.)

Apart from that it looks great to me.

Could you send an updated patch?

Thanks, and apologies for the delay!

Ludo’.