diff options
| -rw-r--r-- | README.md | 9 | ||||
| -rw-r--r-- | debian/control | 2 |
2 files changed, 9 insertions, 2 deletions
@@ -77,13 +77,20 @@ be configured for individual sources via sources.list options. By default, apt-transport-tor uses the following SOCKS proxy setting, which is the default location of a locally installed Tor instance: - Acquire::tor::proxy "socks5h://apt-transport-tor@localhost:9050"; + Acquire::tor::proxy "socks5h://apt-transport-tor@127.0.0.1:9050"; Note the use of a username to make use of the default IsolateSOCKSAuth Tor setting for stream isolation, which requires Tor 0.2.4.19 to work well. This means your apt traffic will be sent over a different circuit from your regular Tor traffic and for each host you connect to. +Earlier apt versions (before 1.7) default to `localhost` instead of `127.0.0.1`. +This can lead to SRV requests being sent to a DNS server – for most users that +should be a local caching server, but for some it might be a more remote (and +hence potentially hostile) server. This is something to be aware of in general +if you are using a hostname in the configuration. On the upside this can give +you all the flexibility provided via SRV. + ### Disabling use of http(s) without Tor in APT APT >= 1.3 allows methods to be disabled without removing them from the system, diff --git a/debian/control b/debian/control index 5d88e05..7093a32 100644 --- a/debian/control +++ b/debian/control @@ -14,7 +14,7 @@ Package: apt-transport-tor Architecture: all Multi-Arch: foreign Depends: apt (>= 1.3~rc1), ${misc:Depends} -Recommends: apt (>= 1.6~alpha6), tor +Recommends: apt (>= 1.7~alpha1), tor Description: APT transport for anonymous package downloads via Tor Provides support in APT for downloading packages anonymously via the Tor network. |