1 2012-05-26 00:04:31 <graingert> you cannot ask tor to resolve a hidden service?
 2 2012-05-26 00:05:00 <gmaxwell> graingert: not from a friendly name!
 3 2012-05-26 00:05:10 <graingert> sipa: ....
 4 2012-05-26 00:05:23 <graingert> gmaxwell: you mean a CNAME ?
 5 2012-05-26 00:05:42 <gmaxwell> Indeed, not usefully.
 6 2012-05-26 00:05:57 <sipa> graingert: if you ask tor to connect to a host that is specified by name, you open a proxy connection to an exit node, and send the hostname there
 7 2012-05-26 00:06:21 <sipa> while you're exactly trying to avoid needing an exit node
 8 2012-05-26 00:06:50 <sipa> but maybe tor has some magic to deal with this... unsure
 9 2012-05-26 00:09:35 <gmaxwell> no, it even makes exit enclaves behave stupidly.
10 2012-05-26 00:10:54 <sipa> so what you'd like is use an exit node to do a dns request, return that, interpret the result as an onion address, and then reconnect to that
11 2012-05-26 00:11:16 <sipa> but that would indeed require our own DNS resolver
12 2012-05-26 00:12:40 <gmaxwell> sipa: thus http://www.mulliner.org/collin/ttdnsd.php
13 2012-05-26 00:13:39 <RedEmerald> doesn't Tor have the DNS stuff built in now?
14 2012-05-26 00:14:00 <RedEmerald> my torrc on TorBox has DNSPort 53 and DNSLisenAddress 192.168.0.1
15 2012-05-26 00:15:27 <gmaxwell> RedEmerald: that just does the socksresolve I thought.
16 2012-05-26 00:15:51 <RedEmerald> is that not enough?
17 2012-05-26 00:18:15 <sipa> that would be enough for us, but requiring torbox is not really an option for that
18 2012-05-26 00:18:43 <RedEmerald> true
19 2012-05-26 00:19:10 <RedEmerald> it doesn't require torbox, it just requires adding some lines to torrc
20 2012-05-26 00:19:43 <luke-jr> and resolv.comnf
21 2012-05-26 00:19:44 <luke-jr> conf*
22 2012-05-26 00:20:37 <sipa> oh yes, indeed
23 2012-05-26 00:20:46 <gmaxwell> stupid system resolver.
24 2012-05-26 00:21:10 <gmaxwell> [gmaxwell@helmholtz tor]$ grep DNSLisenAddress `find ./ -type f `
25 2012-05-26 00:21:11 <sipa> well, creating dns packets and parsing them isn't *that* hard
26 2012-05-26 00:21:15 <gmaxwell> ^ nothing in stock tor for that.
27 2012-05-26 00:21:23 <sipa> gmaxwell: you may want to add a t
28 2012-05-26 00:21:45 <RedEmerald> *ListenAddress
29 2012-05-26 00:22:33 <gmaxwell> Indeed.
30 2012-05-26 00:22:45 <gmaxwell> I still don't think it will work for us, I think it will do the same thing as socks resolve.
31 2012-05-26 00:22:55 <gmaxwell> Meaning: can't get multiple results, can't get AAAA records.
32 2012-05-26 00:23:24 <gmaxwell> RedEmerald: can you try? use dig for AAAA records on ipv6.google.com at that?
33 2012-05-26 00:24:01 <RedEmerald> what is dig in? netutils?
34 2012-05-26 00:24:14 <sipa> hmm, i don't get AAAA results for ipv6.google.com
35 2012-05-26 00:24:24 <RedEmerald> dnsutils
36 2012-05-26 00:25:00 <RedEmerald> torbox has ipv6 firewalled
37 2012-05-26 00:25:16 <gmaxwell> Irrelevant.
38 2012-05-26 00:25:30 <gmaxwell> You should be able to  dig -t AAAA ipv6.google.com  and get an address.
39 2012-05-26 00:25:41 <sipa> i get none, gmaxwell
40 2012-05-26 00:25:47 <gmaxwell> sipa: weird, I sure do.
41 2012-05-26 00:25:47 <RedEmerald> i get none
42 2012-05-26 00:26:02 <sipa> oh
43 2012-05-26 00:26:07 <RedEmerald> i get some on my laptop, but none on my torbox workstation
44 2012-05-26 00:26:07 <sipa> i typed .con :(
45 2012-05-26 00:26:10 <gmaxwell> RedEmerald: also, dig www.google.com   .. do you get back 6-10 addresses?
46 2012-05-26 00:26:38 <sipa> RedEmerald: you may want to add '@127.0.0.1'
47 2012-05-26 00:26:39 <RedEmerald> i just get back 1
48 2012-05-26 00:26:41 <gmaxwell> Or just one?
49 2012-05-26 00:26:43 <gmaxwell> RedEmerald: right. as I said, it's just using the tor resolve stuff which is inadequate for our purposes.
50 2012-05-26 00:27:08 <RedEmerald> too bad
51 2012-05-26 00:28:47 <da2ce7> http://i.qkme.me/3pgbel.jpg
52 2012-05-26 00:29:12 <RedEmerald> im waiting a week for my bank to move money
53 2012-05-26 00:29:20 <RedEmerald> so an hour feels great
54 2012-05-26 00:29:30 <sipa> it's seconds to move the money
55 2012-05-26 00:29:39 <sipa> it's 6 confirmations to know it won't be reverted
56 2012-05-26 00:29:56 <amiller> when's the last time anyone heard from mizerydearia
57 2012-05-26 00:29:58 <sipa> that takes your bank weeks ;)
58 2012-05-26 00:30:16 <da2ce7> sipa: I know... just transfering it from web account A to web account B