Make the torify script use torify when available.

Update Torify to use torsocks by default and to warn when the user is
using the older tsocks program. Update torify and the torify man page
to refelect changes to torify. Add warnings in both.

contrib/torify.1

@@ -1,22 +1,27 @@
 .TH torify 1 "" Jan-2009 ""
-.\" manual page by Peter Palfrader
+.\" manual page by Peter Palfrader and Jacob Appelbaum
 .SH NAME
 .LP
-torify \- wrapper for tsocks and tor
+torify \- wrapper for torsocks or tsocks and tor
 
 .SH SYNOPSIS
 \fBtorify\fP\ \fIapplication\fP\ [\fIapplication's\ arguments\fP]
 
 .SH DESCRIPTION
-\fBtorify\fR is a simple wrapper that calls tsocks with a tor specific
+\fBtorify\fR is a simple wrapper that attempts to find the best underlying Tor
+wrapper available on a system. It calls torsocks or tsocks with a tor specific
 configuration file.
 
+torsocks is an improved wrapper that explictly rejects UDP, safely resolves DNS
+lookups and properly socksifies your TCP connections.
+
 tsocks itself is a wrapper between the tsocks library and the application
 that you would like to run socksified.
 
-Please note that since tsocks uses LD_PRELOAD, torify cannot be applied
+Please note that since both method use LD_PRELOAD, torify cannot be applied
 to suid binaries.
 
+.SH WARNING
 You should also be aware that the way tsocks currently works only TCP
 connections are socksified.  Be aware that this will in most circumstances
 not include hostname lookups which would still be routed through your
@@ -25,8 +30,13 @@ normal system resolver to your usual resolving nameservers.  The
 The Tor FAQ at https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ might
 have further information on this subject.
 
+When used with torsocks, torify should not leak DNS requests or UDP data.
+
+Both will leak ICMP data.
+
 .SH SEE ALSO
 .BR tor (1),
 .BR tor-resolve (1),
+.BR torsocks (1),
 .BR tsocks (1),
 .BR tsocks.conf (5).

contrib/torify.in

@@ -10,32 +10,58 @@
 
 # Define and ensure we have tsocks
 # XXX: what if we don't have which?
+TORSOCKS="`which torsocks`"
 TSOCKS="`which tsocks`"
+PROG=""
 if [ ! -x "$TSOCKS" ]
 then
 	echo "$0: Can't find tsocks in PATH. Perhaps you haven't installed it?" >&2
-        exit 1
+else
+	PROG=$TSOCKS
+fi
+if [ ! -x "$TORSOCKS" ]
+then
+	echo "$0: Can't find torsocks in PATH. Perhaps you haven't installed it?" >&2
+else
+	PROG=$TORSOCKS
+fi
+
+if [ ! -x "$PROG" ]
+then
+	echo "$0: Can't find the required tor helpers in our PATH. Perhaps you haven't installed them?" >&2
+	exit 1;
 fi
 
 # Check for any argument list
 if [ "$#" = 0 ]
 then
-        echo "Usage: $0 <command> [<options>...]" >&2
+	echo "Usage: $0 [-hv] <command> [<options>...]" >&2
 	exit 1
 fi
 if [ "$#" = 1 ] && ( [ "$1" = "-h" ] || [ "$1" = "--help" ] )
 then
-        echo "Usage: $0 <command> [<options>...]"
+	echo "Usage: $0 [-hv] <command> [<options>...]"
 	exit 0
 fi
 
+if [ "$1" = "-v" ] || [ "$1" = "--verbose" ]
+then
+	echo "We're armed with the following tsocks: $TSOCKS"
+	echo "We're armed with the following torsocks: $TORSOCKS"
+	echo "We're attempting to use $PROG for all tor action."
+	shift 1
+fi
+
+if [ "$PROG" == "$TSOCKS" ]
+then
 	# Define our tsocks config file
-TSOCKS_CONF_FILE="@CONFDIR@/tor-tsocks.conf"
+	TSOCKS_CONF_FILE="/etc/tor/tor-tsocks.conf"
 	export TSOCKS_CONF_FILE
 
 	# Check that we've got a tsocks config file
 	if [ -r "$TSOCKS_CONF_FILE" ]
 	then
+		echo "WARNING: tsocks is known to leak DNS and UDP data." >&2
 		exec tsocks "$@"
 		echo "$0: Failed to exec tsocks $@" >&2
 		exit 1
@@ -43,3 +69,8 @@ else
 		echo "$0: Missing tsocks configuration file \"$TSOCKS_CONF_FILE\"." >&2
 		exit 1
 	fi
+fi
+if [ "$PROG" == "$TORSOCKS" ]
+then
+	exec torsocks "$@"
+fi