meejah / carml Goto Github PK

View Code? Open in Web Editor NEW

88.0 11.0 12.0 622 KB

Command-line utility to control Tor.

Home Page: http://tvflhlyx7o5qsl6a2v6pvzwripzzvzgt32tkhfbys7tj3zrm4faz53yd.onion/

License: The Unlicense

Makefile 2.86% Python 97.14%

networking privacy tor

carml's Introduction

carml

carml is a command-line tool to query and control a running Tor (including Tor Browser Bundle). You can do things like:

list and remove streams and circuits;

monitor stream, circuit and address-map events;

watch for any Tor event and print it (or many) out;

monitor bandwidth;

run any Tor control-protocol command;

pipe through common Unix tools like grep, less, cut, etcetera;

download TBB through Tor, with pinned certs and signature checking;

...even spit out and run xplanet configs (with router/circuit markers)!

It is written in Python and uses Tor's control-port via the txtorcon library.

Documentation at: carml.rtfd.org or tvflhlyx7o5qsl6a2v6pvzwripzzvzgt32tkhfbys7tj3zrm4faz53yd.onion/ Code at: github.com/meejah/carml

In some ways, carml started as a dumping-ground for things I happened to make Tor do at least once from Python code. Are there things you wish you could easily make Tor do from the command-line? File an enhancement bug at GitHub!

carml is also easy to extend, even with system- or virtualenv- installed packages.

Feedback is appreciated -- pull-requests and bug-reports (including feature enhancements) welcome at GitHub or you can contact me in #tor-dev on OFTC or via meejah at meejah dot ca with the public-key contained in the source.

Some Quick Examples

(venv)meejah@machine:~$ carml circ --list
Connected to a Tor version "0.2.4.21 (git-c5a648cc6f218339)" (status: recommended).
Circuits:
   809: BUILT 29 minutes ago carmlfake0->~Unnamed->lobstertech
   810: BUILT 29 minutes ago ~carmelfake1->~toxiroxi->~SECxFreeBSD64
   811: BUILT 5 minutes ago carmelfake2->torpidsDEinterwerk->~rainbowwarrior
   813: BUILT 24 seconds ago carmlfake0->~arkhaios1->~IPredator
(venv)meejah@machine:~$ carml circ --delete 810
Connected to a Tor version "0.2.4.21 (git-c5a648cc6f218339)" (status: recommended).
Deleting circuit "810"...
...circuit 172 gone.
(venv)meejah@machine:~$ echo "hello world" | carml pastebin --once
12 bytes to share.
Launching Tor: connected.
People using Tor Browser Bundle can find your paste at (once the descriptor uploads):

   http://ok2byooigb4v53be.onion

If you wish to keep the hidden-service keys, they're in (until we shut down):
/dev/shm/tortmp6eHPg4
Awaiting descriptor upload...
Descriptor uploaded; hidden-service should be reachable.
Mon Jul 21 13:54:38 2014: Serving request to User-Agent "curl/7.37.0".
Shutting down.
(venv3)meejah@machine:~$ carml tbb
Getting recommended versions from "http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/projects/torbrowser/RecommendedTBBVersions".
   7.5.5, 7.5.5-MacOS, 7.5.5-Linux, 7.5.5-Windows, 7.5.6, 7.5.6-MacOS,
   7.5.6-Linux, 7.5.6-Windows, 8.0a8, 8.0a8-MacOS, 8.0a8-Linux,
   8.0a8-Windows, 8.0a9, 8.0a9-MacOS, 8.0a9-Linux, 8.0a9-Windows
Note: there are alpha versions available; use --alpha to download.
Downloading "tor-browser-linux64-7.5.5_en-US.tar.xz.asc" from:
    http://scpalcwstkydpa3y7dbpkjs2dtr7zvtvdbyj3dqwkucfrwyixcl5ptqd.onion/torbrowser/7.5.5/tor-browser-linux64-7.5.5_en-US.tar.xz.asc
Downloading "tor-browser-linux64-7.5.5_en-US.tar.xz" from:
    http://scpalcwstkydpa3y7dbpkjs2dtr7zvtvdbyj3dqwkucfrwyixcl5ptqd.onion/torbrowser/7.5.5/tor-browser-linux64-7.5.5_en-US.tar.xz
[▏    ] - 0.0 of 65.8 MiB (1s remaining)
[▋    ] - 6.6 of 65.8 MiB (153s remaining)
[█▏   ] - 13.2 of 65.8 MiB (137s remaining)
[█▋   ] - 19.8 of 65.8 MiB (120s remaining)
[██▏  ] - 26.4 of 65.8 MiB (102s remaining)
[██▋  ] - 32.9 of 65.8 MiB (85s remaining)
[███▏ ] - 39.5 of 65.8 MiB (70s remaining)
[███▋ ] - 46.1 of 65.8 MiB (55s remaining)
[████▏] - 52.7 of 65.8 MiB (38s remaining)
[████▋] - 59.3 of 65.8 MiB (19s remaining)
[█████] - 65.8 of 65.8 MiB (0s remaining)
0.32 MiB/s
gpg: assuming signed data in 'tor-browser-linux64-7.5.5_en-US.tar.xz'
gpg: Signature made Sat 09 Jun 2018 06:42:37 AM MDT
gpg:                using RSA key D1483FA6C3C07136
gpg: Good signature from "Tor Browser Developers (signing key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290
     Subkey fingerprint: A430 0A6B C93C 0877 A445  1486 D148 3FA6 C3C0 7136
Signature is good.
Extracting "tor-browser-linux64-7.5.5_en-US.tar.xz"...
  decompressing...
   20% extracted
   40% extracted
   60% extracted
   80% extracted
  100% extracted
Tor Browser Bundle downloaded and extracted.
running: ./tor-browser_en-US/Browser/start-tor-browser

License

carml is public domain. See unlicense.org for more information.

carml's People

Contributors

Stargazers

Watchers

Forkers

isislovecruft special david415 h0k5 juga0 rprimus 5l1v3r1 e7dal ingramali nyxnor

carml's Issues

signatures

Context, this Tor ticket: http://ea5faa5po25cf7fb.onion/projects/tor/ticket/28682

carml releases should be signed (the source-code tags are signed already) and shipped similar to txtorcon (i.e. using twine etc).

Can poetry do anything for us here?

Selecting by fingerprint not working

          @meejah

carml could allow relay fingerprints to be specified:

$ /home/user/.local/bin/carml --connect tcp:127.0.0.1:8002 -d -p pbCKWPlvh2Zw2MDUYaTvWPTl circ -b 26ECEB6CB8B7C31031A4E220B1E2B82935032B10,A0B5B5906EB13F213D7CA9AFEC91934BE3A5930F,CA1684516B7FECF3DB76D43FD02F56D8B95E8A69
Couldn't look up 26ECEB6CB8B7C31031A4E220B1E2B82935032B10, but it looks like an ID
Error: 'str' object has no attribute 'name_is_unique'
Traceback (most recent call last):
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 874, in callback
    self._startRunCallbacks(result)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 981, in _startRunCallbacks
    self._runCallbacks()
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1075, in _runCallbacks
    current.result = callback(  # type: ignore[misc]
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1946, in _gotResultInlineCallbacks
    _inlineCallbacks(r, gen, status, context)
--- <exception caught here> ---
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 2000, in _inlineCallbacks
    result = context.run(gen.send, result)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/carml/cli.py", line 200, in _startup
    await cmd(reactor, cfg, tor, *args, **kwargs)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/carml/carml_circ.py", line 158, in run
    await build_circuit(reactor, cfg, tor, build.split(','))
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/carml/carml_circ.py", line 126, in build_circuit
    print("Building circuit:", '->'.join(util.nice_router_name(r) for r in routers))
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/carml/carml_circ.py", line 126, in <genexpr>
    print("Building circuit:", '->'.join(util.nice_router_name(r) for r in routers))
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/carml/util.py", line 120, in nice_router_name
    if router.name_is_unique:
builtins.AttributeError: 'str' object has no attribute 'name_is_unique'

Many Tor relays has "Unnamed" as names and some other has repeated names. Allowing selection of relays by fingerprint would be a nice thing to have in carml.

Originally posted by @przemyslaw0 in #58 (comment)

hash and sign dependencies

Context: tor ticket 28682 http://ea5faa5po25cf7fb.onion/projects/tor/ticket/28682

We don't ship hashed dependencies under either a signed tag nor in a signed release. Dependencies should be pinned and hashed and subject to a signature. Could explore poetry or pipenv for this?

streams from onion service to rendezvous point

Using carml monitor, I see client-side streams to rendezvous points for onion services being accessed, in HS_CLIENT_REND circuits. But for onion services that I host, when I access them from other VPS, I see no streams in HS_SERVICE_REND circuits. Or in HS_SERVICE_HSDIR or HS_SERVICE_INTRO circuits, for that matter.

How might I display them?

Initial Update

Hi 👊

This is my first visit to this fine repo, but it seems you have been working hard to keep all dependencies updated so far.

Once you have closed this issue, I'll create separate pull requests for every update as soon as I find one.

That's it for now!

Happy merging! 🤖

[cli.py] [--timestamps] Not showing

Mon Dec 17 06:36:34 GMT 2018

Cannot seem to get timestamps to show.

stream

: ; carml stream -L
Streams:
  1022: SUCCEEDED on circuit 443 (no flags)
  110: SUCCEEDED on circuit 60 (no flags)
  1357: SUCCEEDED on circuit 492 (no flags)

: ; carml -t stream -L
Streams:
  1022: SUCCEEDED on circuit 443 (no flags)
  110: SUCCEEDED on circuit 60 (no flags)
  1357: SUCCEEDED on circuit 492 (no flags)

monitor

: ; carml monitor
Current streams:
  Stream 1022 to 142.93.180.140:443 attached via circuit 443
  Stream 110 to 213.152.161.103:443 attached via circuit 60
  Stream 1357 to 192.30.253.124:443 attached via circuit 492
Current circuits:
  ID   | Age   | Path (router names, ~ means no Named flag) | State    | Purpose
 ------+-------+--------------------------------------------+----------+------------
    60 | 660min | ~TOR2DFN02a->~Spigen->~osipetz             | BUILT    | GENERAL
   443 | 729min | ~zouzounella->~torpidsFRpluss...->~hviv104 | BUILT    | GENERAL
   492 | 380min | ~zouzounella->~Pistis->~IPredator          | BUILT    | GENERAL
   501 |  6min | ~TOR2DFN02a                                | BUILT    | GENERAL
 ------+-------+--------------------------------------------+----------+------------
Current Entry Guards:
  $3711E80B5B04494C971FB0459D4209AB7F2EA799 0x3d002 (91.121.23.100)
  $E459E02374D0385D2E2515CBBE707EA208966BCF AsiaArgento (163.172.94.119)
  $9715C81BA8C5B0C698882035F75C67D6D643DBE3 csailmitnoexit (128.31.0.61)
  $5BAEAA88480E38F70CF87D3900D9412338116114 DipulseIT1 (62.210.177.181)
  $8FD3BAF5E14EBE1124D6253D59882AFE1C2B9B8E TOR2DFN02a (217.182.196.65 DE)
  $09A1AE88A78746AA9EC1BD5953E84F61CB763BCA Phoenix (195.154.156.231)
  $76B38701D06401717707265EAA8F9689CA1D2A0D hiddenrelay (163.172.174.142)
  $C130DD914A8D0E484E68DCC681B434A0BA044D9D taine (130.193.15.186)
  $DDBB2A38252ADDA53E4492DDF982CA6CC6E10EC0 zouzounella (83.212.99.68 GR)
  $D002C061F56CB6FE6FF7A27747EC2A7369ABBA9A nikomo (91.121.76.207)
  $3EDD00245D93664A33A724BA377150E5531ED033 twoface (185.8.63.38)
  $FD8F11C9315A799819882D0E304BF79F2BDAE6B8 Unnamed (62.210.85.178)
  $72B2B12A3F60408BDBC98C6DF53988D3A0B3F0EE TykRelay01 (85.235.250.88)
  $39EE3BAB3CE3E46EF4B44DC51B6CEBD270FC5865 cloud9 (82.165.247.47)
No address mappings.

Following new Stream and Circuit and Address activity:
^CError: Connection to the other side was lost in a non-clean fashion: Connection lost.
Tor disconnected.

: ; carml -t monitor
Current streams:
  Stream 1022 to 142.93.180.140:443 attached via circuit 443
  Stream 110 to 213.152.161.103:443 attached via circuit 60
  Stream 1357 to 192.30.253.124:443 attached via circuit 492
Current circuits:
  ID   | Age   | Path (router names, ~ means no Named flag) | State    | Purpose
 ------+-------+--------------------------------------------+----------+------------
    60 | 661min | ~TOR2DFN02a->~Spigen->~osipetz             | BUILT    | GENERAL
   443 | 729min | ~zouzounella->~torpidsFRpluss...->~hviv104 | BUILT    | GENERAL
   492 | 380min | ~zouzounella->~Pistis->~IPredator          | BUILT    | GENERAL
   501 |  6min | ~TOR2DFN02a                                | BUILT    | GENERAL
 ------+-------+--------------------------------------------+----------+------------
Current Entry Guards:
  $3711E80B5B04494C971FB0459D4209AB7F2EA799 0x3d002 (91.121.23.100)
  $E459E02374D0385D2E2515CBBE707EA208966BCF AsiaArgento (163.172.94.119)
  $9715C81BA8C5B0C698882035F75C67D6D643DBE3 csailmitnoexit (128.31.0.61)
  $5BAEAA88480E38F70CF87D3900D9412338116114 DipulseIT1 (62.210.177.181)
  $8FD3BAF5E14EBE1124D6253D59882AFE1C2B9B8E TOR2DFN02a (217.182.196.65 DE)
  $09A1AE88A78746AA9EC1BD5953E84F61CB763BCA Phoenix (195.154.156.231)
  $76B38701D06401717707265EAA8F9689CA1D2A0D hiddenrelay (163.172.174.142)
  $C130DD914A8D0E484E68DCC681B434A0BA044D9D taine (130.193.15.186)
  $DDBB2A38252ADDA53E4492DDF982CA6CC6E10EC0 zouzounella (83.212.99.68 GR)
  $D002C061F56CB6FE6FF7A27747EC2A7369ABBA9A nikomo (91.121.76.207)
  $3EDD00245D93664A33A724BA377150E5531ED033 twoface (185.8.63.38)
  $FD8F11C9315A799819882D0E304BF79F2BDAE6B8 Unnamed (62.210.85.178)
  $72B2B12A3F60408BDBC98C6DF53988D3A0B3F0EE TykRelay01 (85.235.250.88)
  $39EE3BAB3CE3E46EF4B44DC51B6CEBD270FC5865 cloud9 (82.165.247.47)
No address mappings.

Following new Stream and Circuit and Address activity:
^CError: Connection to the other side was lost in a non-clean fashion: Connection lost.
Tor disconnected.

What am I missing?
LogObserver also has the ability to display timestamps. Where is this capability activated?

debian needs "apt-get install liblzma-dev"

Update readme.

Support stealth authentication for "pastebin"

Add something like --auth N that creates N stealth authentication tokens and prints out command-lines that you can share with N people to give them access to the pastebin.

Even neater idea, maybe, might be to make hitting return while carml pastebin is running create a new authenticator and spit it out...

Debian packaging, any plans?

https://carml.readthedocs.io/en/latest/installation.html#signatures

Note: a much easier and arguably better way to get this on Debian or Ubuntu would be for someone to package it in Debian…

Any plans to package it to debian of someone else to do it still stands?

Error: 'NoneType' object is not subscriptable

I followed all the instructions when I installed carml, but I get this error:

$ /home/user/.local/bin/carml --connect tcp:127.0.0.1:8002 -d -p 02akZrcW12xuvHcwSVUwlDLU circ --list
Error: 'NoneType' object is not subscriptable
Traceback (most recent call last):
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 700, in errback
    self._startRunCallbacks(fail)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 763, in _startRunCallbacks
    self._runCallbacks()
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 857, in _runCallbacks
    current.result = callback(  # type: ignore[misc]
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1750, in gotResult
    current_context.run(_inlineCallbacks, r, gen, status)
--- <exception caught here> ---
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1656, in _inlineCallbacks
    result = current_context.run(
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/python/failure.py", line 514, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/carml/cli.py", line 154, in _startup
    tor = await txtorcon.connect(reactor, ep)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1656, in _inlineCallbacks
    result = current_context.run(
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/python/failure.py", line 514, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/txtorcon/controller.py", line 462, in connect
    raise errors[0]
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/txtorcon/controller.py", line 456, in connect
    tor = yield try_endpoint(ep)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1656, in _inlineCallbacks
    result = current_context.run(
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/python/failure.py", line 514, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/txtorcon/controller.py", line 427, in try_endpoint
    config = yield TorConfig.from_protocol(proto)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1656, in _inlineCallbacks
    result = current_context.run(
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/python/failure.py", line 514, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/txtorcon/torconfig.py", line 584, in from_protocol
    yield cfg.post_bootstrap
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/twisted/internet/defer.py", line 1660, in _inlineCallbacks
    result = current_context.run(gen.send, result)
  File "/home/user/.local/pipx/venvs/carml/lib/python3.11/site-packages/txtorcon/torconfig.py", line 1084, in _do_setup
    v = v[name]
builtins.TypeError: 'NoneType' object is not subscriptable

My Linux is Debian GNU/Linux Trixie (testing) amd64, my Python version is 3.11.6.

The carml I installed is inside a venv.

fix requirements

wgreenhouse reports in #tor that carml is pulling in Twisted == 14.0.0 for some reason. Also, the peep-style hashes are obsolete as that's been pulled into pip proper post 8.0 so those should be upgraded too.

filter streams per SOURCE_ADDR

Feature request

I'd like a command line option to filter streams per source_addr.

This is very useful when tor is running in a gateway and you have plenty of clients connecting to it. It makes output clearer by only showing the streams from the client you want to see.

By default, show streams from all source addresses, but if one or more are specified, then only the specified ones.

I cannot grep per source address and I don't understand why...
I'm trying $ carml monitor -cga | grep "from remote \"xxx.xxx.xxx.xxx:" I'm escaping the first quote and then ending at :because the port may vary. But even if I just try to grep the patternsfrom process, or from remote`, it is not working... It doesn't print anything.

$ carml monitor -cga | grep "from process"
^CException ignored in: <_io.TextIOWrapper name='<stdout>' mode='w' encoding='utf-8'>
BrokenPipeError: [Errno 32] Broken pipe

If the sigpipe issue is fixed, then maybe there is no reason for a command line option, just a nice to have.

txtorcon already knows if it is local or remote, and I like if gets the process via /proc and prints it instead of solely 127.0.0.1. So would be great to have the addition of filtering per source address.

Monitor streams:
r being source address.

$ carml -cg --source-addr 10.172.20.1,10.172.20.2
$ carml -cg -r 10.172.20.1,10.172.20.2

new way to get recommended TBB

There is no more "recommended tbb versions" thing to grok.

The new thing is https://aus1.torproject.org/torbrowser/update_3/release/downloads.json (there is an onion version of aus1).
I'm warned that "updated_3" will change to "update_4" without warning.

ValueError: invalid literal for int() with base 10: 'tcp'

If TOR_CONTROL_PORT is set, carml fails with ValueError: invalid literal for int() with base 10: 'tcp'

TOR_CONTROL_PORT=9051 carml circ --list
Traceback (most recent call last):
  File "/usr/lib/python-exec/python2.7/carml", line 11, in <module>
    load_entry_point('carml==17.2.0', 'console_scripts', 'carml')()
  File "/usr/lib64/python2.7/site-packages/carml/dispatch.py", line 196, in dispatch
    endpoint = endpoints.clientFromString(reactor, 'tcp:' + options['connect'])
  File "/usr/lib64/python2.7/site-packages/twisted/internet/endpoints.py", line 1760, in clientFromString
    kwargs = _clientParsers[name](*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/twisted/internet/endpoints.py", line 1537, in _parseClientTCP
    kwargs['port'] = int(args[0])
ValueError: invalid literal for int() with base 10: 'tcp'

Feature request: Ability to select a minimum bandwidth for circuits when building them

@meejah I don't know if you'll find this suggestion relevant, but it's a reasonable idea.

So, I use to connect to VPNs over Tor, but it's slow, so I need to pickup faster or no-overcharged Tor nodes for that.

An option to specify the minimum circuit bandwidth would be a good idea.

It could be: --bandwidth

Also, I have a question:

Is it possible to build a circuit larger than defined when compiling Tor? I mean, to build a circuit with 6 hops instead of 3 with an option like this: carml --connect tcp:127.0.0.1:9051 circ --build *,*,*,*,*,*

ImportError: No module named dispatch

Using 929abb4, I tried to install on debian sid, and had the following problem:

micah@reeds:carml$ make
virtualenv venv
Running virtualenv with interpreter /usr/bin/python2
New python executable in /home/micah/working/tor/carml/venv/bin/python2
Also creating executable in /home/micah/working/tor/carml/venv/bin/python
Installing setuptools, pkg_resources, pip, wheel...done.
./venv/bin/pip install -U pip
Requirement already up-to-date: pip in ./venv/lib/python2.7/site-packages
./venv/bin/pip install --editable .
Obtaining file:///home/micah/working/tor/carml
Collecting humanize (from carml==17.4.0)
Collecting ansicolors (from carml==17.4.0)
  Using cached ansicolors-1.1.8-py2.py3-none-any.whl
Collecting backports.lzma (from carml==17.4.0)
Collecting txtorcon>=0.19.1 (from carml==17.4.0)
  Using cached txtorcon-0.19.3-py2.py3-none-any.whl
Collecting txsocksx>=1.15.0.2 (from carml==17.4.0)
  Using cached txsocksx-1.15.0.2-py2-none-any.whl
Collecting click>=6.7 (from carml==17.4.0)
  Using cached click-6.7-py2.py3-none-any.whl
Collecting ipaddress>=1.0.16 (from txtorcon>=0.19.1->carml==17.4.0)
  Using cached ipaddress-1.0.18-py2-none-any.whl
Collecting zope.interface>=3.6.1 (from txtorcon>=0.19.1->carml==17.4.0)
  Using cached zope.interface-4.4.3-cp27-cp27mu-manylinux1_x86_64.whl
Collecting automat (from txtorcon>=0.19.1->carml==17.4.0)
  Using cached Automat-0.6.0-py2.py3-none-any.whl
Collecting incremental (from txtorcon>=0.19.1->carml==17.4.0)
  Using cached incremental-17.5.0-py2.py3-none-any.whl
Collecting Twisted[tls]>=15.5.0 (from txtorcon>=0.19.1->carml==17.4.0)
Collecting Parsley>=1.2 (from txsocksx>=1.15.0.2->carml==17.4.0)
  Using cached Parsley-1.3-py2.py3-none-any.whl
Requirement already satisfied: setuptools in ./venv/lib/python2.7/site-packages (from zope.interface>=3.6.1->txtorcon>=0.19.1->carml==17.4.0)
Collecting attrs (from automat->txtorcon>=0.19.1->carml==17.4.0)
  Using cached attrs-17.2.0-py2.py3-none-any.whl
Collecting six (from automat->txtorcon>=0.19.1->carml==17.4.0)
  Using cached six-1.11.0-py2.py3-none-any.whl
Collecting constantly>=15.1 (from Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached constantly-15.1.0-py2.py3-none-any.whl
Collecting hyperlink>=17.1.1 (from Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached hyperlink-17.3.1-py2.py3-none-any.whl
Collecting service-identity; extra == "tls" (from Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached service_identity-17.0.0-py2.py3-none-any.whl
Collecting pyopenssl>=16.0.0; extra == "tls" (from Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached pyOpenSSL-17.3.0-py2.py3-none-any.whl
Collecting idna!=2.3,>=0.6; extra == "tls" (from Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached idna-2.6-py2.py3-none-any.whl
Collecting pyasn1 (from service-identity; extra == "tls"->Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached pyasn1-0.3.7-py2.py3-none-any.whl
Collecting pyasn1-modules (from service-identity; extra == "tls"->Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached pyasn1_modules-0.1.5-py2.py3-none-any.whl
Collecting cryptography>=1.9 (from pyopenssl>=16.0.0; extra == "tls"->Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached cryptography-2.1.1-cp27-cp27mu-manylinux1_x86_64.whl
Collecting cffi>=1.7; platform_python_implementation != "PyPy" (from cryptography>=1.9->pyopenssl>=16.0.0; extra == "tls"->Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached cffi-1.11.2-cp27-cp27mu-manylinux1_x86_64.whl
Collecting enum34; python_version < "3" (from cryptography>=1.9->pyopenssl>=16.0.0; extra == "tls"->Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached enum34-1.1.6-py2-none-any.whl
Collecting asn1crypto>=0.21.0 (from cryptography>=1.9->pyopenssl>=16.0.0; extra == "tls"->Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
  Using cached asn1crypto-0.23.0-py2.py3-none-any.whl
Collecting pycparser (from cffi>=1.7; platform_python_implementation != "PyPy"->cryptography>=1.9->pyopenssl>=16.0.0; extra == "tls"->Twisted[tls]>=15.5.0->txtorcon>=0.19.1->carml==17.4.0)
Installing collected packages: humanize, ansicolors, backports.lzma, ipaddress, zope.interface, attrs, six, automat, incremental, constantly, hyperlink, pycparser, cffi, enum34, idna, asn1crypto, cryptography, pyopenssl, pyasn1, pyasn1-modules, service-identity, Twisted, txtorcon, Parsley, txsocksx, click, carml
  Running setup.py develop for carml
Successfully installed Parsley-1.3 Twisted-17.9.0 ansicolors-1.1.8 asn1crypto-0.23.0 attrs-17.2.0 automat-0.6.0 backports.lzma-0.0.8 carml cffi-1.11.2 click-6.7 constantly-15.1.0 cryptography-2.1.1 enum34-1.1.6 humanize-0.5.1 hyperlink-17.3.1 idna-2.6 incremental-17.5.0 ipaddress-1.0.18 pyasn1-0.3.7 pyasn1-modules-0.1.5 pycparser-2.18 pyopenssl-17.3.0 service-identity-17.0.0 six-1.11.0 txsocksx-1.15.0.2 txtorcon-0.19.3 zope.interface-4.4.3
micah@reeds:carml$ torsocks ssh -v hmsjlqkrq7mfnkpr.onion^C
micah@reeds:carml130$ bin/car^C
micah@reeds:carml130$ . venv/
bin/     include/ lib/     local/   share/   
micah@reeds:carml130$ . venv/bin/activate
(venv) micah@reeds:carml$ carm^C
(venv) micah@reeds:carml130$ carml relay --info DebianTorNode
Traceback (most recent call last):
  File "/home/micah/working/tor/carml/venv/bin/carml", line 11, in <module>
    load_entry_point('carml', 'console_scripts', 'carml')()
  File "/home/micah/working/tor/carml/venv/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 561, in load_entry_point
    return get_distribution(dist).load_entry_point(group, name)
  File "/home/micah/working/tor/carml/venv/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2631, in load_entry_point
    return ep.load()
  File "/home/micah/working/tor/carml/venv/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2291, in load
    return self.resolve()
  File "/home/micah/working/tor/carml/venv/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2297, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/home/micah/working/tor/carml/carml/__init__.py", line 6, in <module>
    from carml.dispatch import dispatch
ImportError: No module named dispatch
(venv) micah@reeds:carml1$

[python 3.7.1] Invalid syntax

Sun Dec 16 19:54:48 GMT 2018

FYI:

Just tried with 3.7.1 and got:

: ; carml
Traceback (most recent call last):
  File "/Users/rprimus/.pyenv/versions/3.7.1/bin/carml", line 7, in <module>
    from carml.cli import carml
  File "/Users/rprimus/.pyenv/versions/3.7.1/lib/python3.7/site-packages/carml/cli.py", line 556
    def relay(ctx, list, info, await, info_file):
                                   ^
SyntaxError: invalid syntax

Trying to track down what's the problem.

Documentation for python3

carml requires python3 now; documentation needs upgrading to reflect that.

Error: decoding to str: need a bytes-like object, tuple found

I recently installed carml, and executing any command results in an error. Stack trace attached (with -d option):

carml -d stream -L

Error: decoding to str: need a bytes-like object, tuple found
Traceback (most recent call last):
File "/home/piyush/.local/lib/python3.8/site-packages/twisted/internet/defer.py", line 661, in callback
self._startRunCallbacks(result)
File "/home/piyush/.local/lib/python3.8/site-packages/twisted/internet/defer.py", line 763, in _startRunCallbacks
self._runCallbacks()
File "/home/piyush/.local/lib/python3.8/site-packages/twisted/internet/defer.py", line 857, in _runCallbacks
current.result = callback( # type: ignore[misc]
File "/home/piyush/.local/lib/python3.8/site-packages/twisted/internet/defer.py", line 1750, in gotResult
current_context.run(_inlineCallbacks, r, gen, status)
--- ---
File "/home/piyush/.local/lib/python3.8/site-packages/twisted/internet/defer.py", line 1660, in _inlineCallbacks
result = current_context.run(gen.send, result)
File "/home/piyush/.local/lib/python3.8/site-packages/carml/cli.py", line 156, in _startup
print("Connected via {}".format(str(tor.protocol.transport.addr, "utf8")))
builtins.TypeError: decoding to str: need a bytes-like object, tuple found

It seems like there is some change in the way tor returns certain data that the carml's current implementation is not able to decode.

fix setup.py dependencies + install instructions

From alecmuffett in #tor-project:

Raspian
had to apt-get install liblzma-dev
for some reason had to manually pip-install twisted, service_identity, ipaddress and parsley

pastebin needs PANDA-like interface for exchanging onions

Alice and Bob should be able to sit next to each other and exchange files over Tor hidden services... however it is cumbersome to dictate and transcribe Tor onion addresses. A PAKE system should therefore be utilized for this purpose... this requires Alice and Bob to both connect to the same PAKE server... of course.

I think the first step might be to create a Twisted cred plugin for Brian Warner's pure python JPAKE implementation:

https://github.com/warner/python-jpake

setting up control-port auth

Improve instructions for setting up cookie authentication and tor control-port in general. Possibly also include this as some carml hints on the command-line

Filter stream-attach circuits on DIR_* purpose

If a stream with a purpose starting with DIR_ is proposed for attachment, we shouldn't do that (i.e. we should let Tor attach it).

separate interface from data

Let's say I want to determine the entry node ip address and country, using the cli, our starting point looks something like (shortened for brevity):

$ carml circ --list --verbose | tee /tmp/out | head -n5
Circuits:
  ID   | Age   | Path (router names, ~ means no Named flag) | State    | Purpose
 ------+-------+--------------------------------------------+----------+------------
    31 |  177s | ~niftyshrew->~setsun->~tor01aditaa         | BUILT    | GENERAL
         BUILD_FLAGS=NEED_CAPACITY, PURPOSE=GENERAL, TIME_CREATED=2020-05-26T18:08:52.059798
...

To get the entry node ip address and country code, from a cli, I could do:

$ cat /tmp/out | grep -Eo '[0-9.]+\s[A-Z]{2}' | head -1
12.34.56.78 FR

Which is, of course, insane - the table layout is fine and all, but the purpose of the cli is provide convenient interface BETWEEN PROCESSES, so that we can programmatically interface-with and build pipelines-around expected data.

It would be nice if i could just list the circuits and nodes, as space and newline separated, which empowers the end user to do what they wish with the data; instead I have to work to strip out all those pretty formatting concerns.

Cheers

Remove txsocksx dependency using txtorcon TorSocksEndpoint

txsocksx is not needed anymore because txtorcon implements the socks endpoint and it's the only dependency that is preventing carml to be python 3 compatible.

Creating this issue so that we don't forget. I don't know if/when i could work on it.

Add support for full addresses to the temphs command

Tor's HiddenServicePort directive takes a remote port number and an address - an IP and a port number. This can be used to create a service backed by a server not on localhost. carml temphs seems to only accept remote port number and a port number on localhost.

Extend carml temphs so it can specify a non-localhost "local" address for the service.

I'd suggest something like carm temphs <remote port>[:<target address>]:<target port> (and perhaps allow multiple such positional arguments to set up multiple services.

add stealth onion git sharing?

here's a little shell script i wrote to express a private work flow using git over onion service.
https://gist.github.com/david415/120f157f62d20b11e39f

it would be even cooler if we could make it work with stealth authenticated hidden services!

carml stealth-git create
# outputs a "git url"
carml stealth-git clone <git-url>
# or
cd my_project_repo
carml stealth-git fetch <git-url>