Tor can now serve as http proxy - HTTPTunnelPort

Patrick · June 25, 2018, 3:29am

According to How can we help? | Tor Project | Support Tor now supports HTTPTunnelPort, i.e. serving as an incoming http proxy, if I understand that right.

HTTPTunnelPort [address:]port|auto [isolation flags]

Open this port to listen for proxy connections using the “HTTP CONNECT” protocol instead of SOCKS. Set this to 0 0 if you don’t want to allow “HTTP CONNECT” connections. Set the port to “auto” to have Tor pick a port for you. This directive can be specified multiple times to bind to multiple addresses/ports. See SOCKSPort for an explanation of isolation flags. (Default: 0)

In past we’ve run into a few issues where applications had http proxy support but not socks proxy support. In these cases one needed to involve privoxy or polipo as a http proxy to socks proxy translator, which is really cumbersome (and may not provide stream isolation if used more than one application using it at the same time).

Does anyone remember these use cases?

What new options will HTTPTunnelPort give us at Whonix?

HulaHoop · June 25, 2018, 1:42pm

Yes indeed! This would make Tor more compatible with much more programs. I will try and search the forums for past mentions and report back.

HulaHoop · June 25, 2018, 2:02pm

No directly relevant mentions of HTTP torrification, however I noticed Gajim can use HTTP Connect. Does that change anything for the better in this case?

Patrick · June 25, 2018, 4:26pm

No, if SocksPort is supported it is generally strongly preferred over http proxy.

(Except in theoretic cases we knew that SocksPort support is leaky while http proxy support is fine.)

Patrick · August 8, 2018, 8:06am

Let’s provide a few [1] HTTPTunnelPorts by default for custom user use in case this gets relevant?

On the other hand, does Tor’s use of RAM increase in significance ways with each opened SocksPort / HTTPTunnelPort port?

[1] Similar to the list of provided ports for use by users on Stream Isolation.

bz3ipfptl2 · March 15, 2019, 6:24am

hi patrick any update on this?

I am trying to use http proxies with an app that lets you split multiple protonmail accounts but they only accept http proxies

Patrick · March 15, 2019, 6:56am

Previously due to lack of interest and activity and due to lack of practical use cases in this thread, no update planned.

Meanwhile you can add manually add HTTPTunnelPort’s to your Tor config file.

Tor - Whonix

Patrick · December 13, 2020, 4:48pm

Was actually implemented.

In Non-Qubes-Whonix.

IP: 10.152.152.10
port: 9190

Qubes-Whonix: adjust IP of Whonix-Gateway.

For other ports and other stream isolation settings, see file /usr/share/tor/tor-service-defaults-torrc:

cat /usr/share/tor/tor-service-defaults-torrc

github.com

Whonix/anon-gw-anonymizer-config/blob/master/usr/share/tor/tor-service-defaults-torrc.anondist#L321-L375


      
          # without IsolateDestAddr
          # with IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9210 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9211 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9212 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9213 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9214 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9215 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9216 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9217 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9218 IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9219 IsolateDestPort
          
          
# with IsolateDestAddr
          # with IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9220 IsolateDestAddr IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9221 IsolateDestAddr IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9222 IsolateDestAddr IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9223 IsolateDestAddr IsolateDestPort
          HTTPTunnelPort 10.152.152.10:9224 IsolateDestAddr IsolateDestPort

This file has been truncated. show original

Patrick · August 10, 2022, 10:01am