Initial commit of first working version.

README.md

@@ -0,0 +1,71 @@
+Contribute anonymously to Git repositories over Tor.
+
+## tl;dr ##
+
+	yourname@yourbox:~$ . gitnonymous somename
+	somename⚔ yourname@yourbox:~$ git commit_
+
+## Setup ##
+
+Before you start, you'll probably want to:
+
+ * Set up an anonymous email account with some provider.
+ * Sign up to the Git hosting service you use with that anonymous email address.
+
+To configure a new anonymous identity on your machine:
+
+	$ ./gitnonymous-setup KEYNAME
+
+Where `KEYNAME` is some memorable string that you will use to identify your anonymous ID like `baby-protector` or `elite-freedom-defender`. You can create multiple anonymous identities.
+
+Be aware that `KEYNAME` is stored in the SSH public key's comment field so don't make it personally identifiable.
+
+Then you should edit the new file in `~/.gitnonymous-KEYNAME/config` to set the email address and name of your anonymous identity:
+
+	export GIT_COMMITTER_NAME="Baby Protector"
+	export GIT_COMMITTER_EMAIL="protect-all-babies@anonymous-mail-provider.com"
+	export GIT_AUTHOR_NAME="Baby Protector"
+	export GIT_AUTHOR_EMAIL="protect-all-babies@anonymous-mail-provider.com"
+
+## Use ##
+
+You can symlink the `gitnonymous` and `gitnonymous-setup` commands into your `~/bin` folder or somewhere else on your `PATH` to execute them without typing the full path.
+
+Each time you want make anonymous commits in the current shell:
+
+	$ . gitnonymous KEYNAME
+
+After that when you commit and push you will do so with the anonymous identity you have created, over the tor network, using the new SSH key that was created.
+
+This command:
+
+ * Spawns an `ssh-agent` that is limited to the current shell.
+ * Adds the anonymous SSH key to `ssh-agent`.
+ * Sets the `GIT_COMMITTER` and `GIT_AUTHOR` environment variables.
+ * Sets the `GIT_SSH` environment variable to point at a configured `git-ssh-wrap` script.
+ * Sets the `GIT_PROXY_COMMAND` environment variable to proxy network requests through tor.
+
+Your prompt will be updated to reflect the configured environment:
+
+	KEYNAME⚔ yourname@yourbox:~$
+
+To deactivate the gitnonymous environment run the same command again:
+
+	KEYNAME⚔ yourname@yourbox:~$ . gitnonymous KEYNAME
+	yourname@yourbox:~$ _
+
+Or just exit the current shell.
+
+## Dependencies ##
+
+ * `git`
+ * `tor` (install `tor` package)
+ * `nc` (install `netcat-openbsd` package)
+ * `ssh`
+ * `bash`
+
+## Tested ##
+
+ * With `git` 1.9.1 on Xubuntu 14.04.
+
+Patches welcome!

config

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+export GIT_COMMITTER_NAME="YOUR NAME"
+export GIT_COMMITTER_EMAIL="your.email@your-anonymous-provider.com"
+export GIT_AUTHOR_NAME="YOUR NAME"
+export GIT_AUTHOR_EMAIL="your.email@your-anonymous-provider.com"

git-proxy-command

@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+
+nc -X 5 -x 127.0.0.1:9050 $*

git-ssh-wrap

@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+
+ssh -i "${HOME}/.gitnonymous-KEYNAME/ssh/id_rsa" -o ProxyCommand="nc -X 5 -x localhost:9050 %h %p" $@

gitnonymous

@@ -0,0 +1,121 @@
+#!/usr/bin/env bash
+
+# See the README for instructions setting up.
+# ./make-anonymous-key KEYNAME
+
+# figure out which directory we are stored in
+# https://stackoverflow.com/questions/59895/can-a-bash-script-tell-what-directory-its-stored-in
+_GITNONYMOUS_SRC="${BASH_SOURCE[0]}"
+# resolve $_GITNONYMOUS_SRC until the file is no longer a symlink
+while [ -h "$_GITNONYMOUS_SRC" ]; do
+  dir="$( cd -P "$( dirname "$_GITNONYMOUS_SRC" )" && pwd )"
+  _GITNONYMOUS_SRC="$(readlink "$_GITNONYMOUS_SRC")"
+  # if $_GITNONYMOUS_SRC was a relative symlink, we need to resolve it
+  # relative to the path where the symlink file was located
+  [[ $_GITNONYMOUS_SRC != /* ]] && _GITNONYMOUS_SRC="$DIR/$_GITNONYMOUS_SRC"
+done
+dir="$( cd -P "$( dirname "$_GITNONYMOUS_SRC" )" && pwd )"
+unset _GITNONYMOUS_SRC
+
+gitnonymous_usage () {
+  if [ "$1" != "" ]
+  then
+    gitnonymous_error "Don't call this script directly. 'Source' it instead."
+  fi
+  echo "Usage:"
+  echo ". ${BASH_SOURCE[0]} KEYNAME"
+}
+
+# function to throw error messages
+gitnonymous_error () {
+  >&2 echo $@
+}
+
+# when we are missing a config file call this
+gitnonymous_error_missing () {
+  gitnonymous_error $@
+  gitnonymous_error "To create it run: ${dir}/gitnonymous-setup ${keyname}"
+}
+
+# Make sure we were called with 'source' instead of directly
+if [[ "${BASH_SOURCE[0]}" != "$0" ]]
+then
+  # check for the keyname parameter
+  if [ "$1" = "" ]
+  then
+    gitnonymous_usage
+    return 1
+  else
+    # set the key and the config file
+    keyname="${1}"
+    rootdir="${HOME}/.gitnonymous-${keyname}"
+    configfile="${rootdir}/config"
+    sshdir="${rootdir}/ssh"
+    oldenvfile="${rootdir}/previous-environment"
+    
+    if [ "$_GITNONYMOUS" != "" ]
+    # toggle everything off again
+    then
+      echo "Unsetting gitnonymous environment ${keyname}"
+      # kill our special ssh agent
+      ssh-agent -k
+      # restore the command prompt
+      export PS1="${_GITNONYMOUS_OLDPS1}"
+      unset GIT_COMMITTER_EMAIL
+      unset GIT_COMMITTER_NAME
+      unset GIT_AUTHOR_EMAIL
+      unset GIT_AUTHOR_NAME
+      unset GIT_SSH
+      unset GIT_PROXY_COMMAND
+      unset ALL_PROXY
+      # restore any GIT_ environment variables set before
+      . "${oldenvfile}"
+      # unset our environment variables we set
+      unset _GITNONYMOUS_OLDPS1
+      unset _GITNONYMOUS
+      echo "Done unsetting ${keyname}."
+    else
+      # add our custom local SSH key (make the key with ./make-anonymous-key)
+      if [ -f ${sshdir}/id_rsa ]
+      then
+        # start a new SSH agent just for this session
+        eval $(ssh-agent -a "${sshdir}/.ssh-agent")
+        # add the key
+        ssh-add ${sshdir}/id_rsa
+      else
+        gitnonymous_error_missing "SSH config in ${sshdir} not found!"
+        return 3
+      fi
+      
+      # load the user's anonymous GIT settings and environment
+      if [ -f "${configfile}" ]
+      then
+        # save the old GIT values
+        export | grep -E "GIT_|ALL_PROXY" > ${oldenvfile}
+        # source the config file
+        .  "${configfile}"
+      else
+        gitnonymous_error_missing "GIT config in ${configfile} not found!"
+        return 4
+      fi
+      
+      # trap exit of this shell and kill ssh-agent
+      trap 'ssh-agent -k' EXIT
+      
+      # tell GIT to use our customised anonymous SSH wrapper
+      export GIT_SSH="${rootdir}/git-ssh-wrap"
+      
+      # tell GIT to use the tor proxy for all other traffic
+      export GIT_PROXY_COMMAND="${dir}/git-proxy-command"
+      export ALL_PROXY="socks5://127.0.0.1:9050"
+      
+      # make it obvious we're in a special environment
+      _GITNONYMOUS_OLDPS1="${PS1}"
+      export PS1="${keyname}⚔ ${PS1}"
+      export _GITNONYMOUS="${keyname}"
+    fi
+  fi
+else
+  gitnonymous_usage true
+  exit 2
+fi

gitnonymous-setup

@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+# figure out which directory we are stored in
+# https://stackoverflow.com/questions/59895/can-a-bash-script-tell-what-directory-its-stored-in
+_GITNONYMOUS_SRC="${BASH_SOURCE[0]}"
+# resolve $_GITNONYMOUS_SRC until the file is no longer a symlink
+while [ -h "$_GITNONYMOUS_SRC" ]; do
+  dir="$( cd -P "$( dirname "$_GITNONYMOUS_SRC" )" && pwd )"
+  _GITNONYMOUS_SRC="$(readlink "$_GITNONYMOUS_SRC")"
+  # if $_GITNONYMOUS_SRC was a relative symlink, we need to resolve it
+  # relative to the path where the symlink file was located
+  [[ $_GITNONYMOUS_SRC != /* ]] && _GITNONYMOUS_SRC="$DIR/$_GITNONYMOUS_SRC"
+done
+dir="$( cd -P "$( dirname "$_GITNONYMOUS_SRC" )" && pwd )"
+unset _GITNONYMOUS_SRC
+
+# set up our other variables
+confdir="${HOME}/.gitnonymous-${1}"
+sshfile="${confdir}/ssh/id_rsa"
+configfile="${confdir}/config"
+sshwrapperfile="${confdir}/git-ssh-wrap"
+
+if [ "$1" = "" ]
+then
+  echo "Usage: $0 KEYNAME"
+else
+  comment="${1}@anonymous"
+  echo "-> Creating ${confdir}."
+  mkdir -p "${confdir}/ssh"
+  echo "-> Creating SSH key '${sshfile}'."
+  echo "SSH key comment (public) is '${comment}'."
+  ssh-keygen -C "${comment}" -f "${sshfile}"
+  echo "-> Creating SSH wrapper '${sshwrapperfile}'."
+  cat "${dir}/git-ssh-wrap" | sed "s/KEYNAME/${1}/" > "${sshwrapperfile}"
+  chmod 755 "${sshwrapperfile}"
+  echo "-> Creating config file '${configfile}'."
+  cp ${dir}/config "${configfile}"
+fi