From 31f95cfb1236402f6d379934f0a73fc42ae287af Mon Sep 17 00:00:00 2001 From: James Valleroy Date: Mon, 12 Sep 2016 20:01:03 -0400 Subject: [PATCH] tor: Support obfs4 for upstream bridges Refactor augeas lens for readability. --- actions/tor | 3 +++ data/usr/share/augeas/lenses/tests/test_tor.aug | 1 + data/usr/share/augeas/lenses/tor.aug | 14 +++++++++----- plinth/modules/tor/forms.py | 6 ++++-- 4 files changed, 17 insertions(+), 7 deletions(-) diff --git a/actions/tor b/actions/tor index 1adb5d883..9901ce054 100755 --- a/actions/tor +++ b/actions/tor @@ -181,6 +181,9 @@ def subcommand_set_upstream_bridges(arguments): if bridge.strip(): aug.set(TOR_CONFIG + '/Bridge[last() + 1]', bridge.strip()) + aug.set(TOR_CONFIG + '/ClientTransportPlugin', + 'obfs4 exec /usr/bin/obfs4proxy') + aug.save() diff --git a/data/usr/share/augeas/lenses/tests/test_tor.aug b/data/usr/share/augeas/lenses/tests/test_tor.aug index 063290a8a..89d4b0f35 100644 --- a/data/usr/share/augeas/lenses/tests/test_tor.aug +++ b/data/usr/share/augeas/lenses/tests/test_tor.aug @@ -9,3 +9,4 @@ test Tor.lns get "ExitPolicy reject *:*\n" = { "ExitPolicy" = "reject *:*" } test Tor.lns get "VirtualAddrNetworkIPv4 10.192.0.0/10\n" = { "VirtualAddrNetworkIPv4" = "10.192.0.0/10" } test Tor.lns get "ServerTransportPlugin obfs3,obfs4 exec /usr/bin/obfs4proxy\n" = { "ServerTransportPlugin" = "obfs3,obfs4 exec /usr/bin/obfs4proxy" } test Tor.lns get "HiddenServiceDir /var/lib/tor-instances/plinth/hidden_service/\n" = { "HiddenServiceDir" = "/var/lib/tor-instances/plinth/hidden_service/" } +test Tor.lns get "Bridge obfs4 10.1.1.1:30000 0123456789ABCDEF0123456789ABCDEF01234567 cert=A/b+1 iat-mode=0\n" = { "Bridge" = "obfs4 10.1.1.1:30000 0123456789ABCDEF0123456789ABCDEF01234567 cert=A/b+1 iat-mode=0" } diff --git a/data/usr/share/augeas/lenses/tor.aug b/data/usr/share/augeas/lenses/tor.aug index 021a0f516..52d57b210 100644 --- a/data/usr/share/augeas/lenses/tor.aug +++ b/data/usr/share/augeas/lenses/tor.aug @@ -22,13 +22,17 @@ autoload xfm let eol = Util.eol let ws = /[ \t]/ -let kc = /[A-Za-z0-9_.,:*]/ -let vc = /[-A-Za-z0-9_.,:*\/ ]/ -let keyname = kc+ -let val = /[[\/]*/ . kc . (vc* . /[]]*/ . vc* . kc . /[\/]*/)? +let k = /[A-Za-z0-9_.,:*]+/ +let val = /[A-Za-z0-9_.,:*+-=\/]+/ -let entry = [ key keyname . del ws+ " " . store val . eol ] +let bracket_val = "[" . val* . "]" . val* +let multi_val = val . (" " . val)+ +let simple_entry = [ key k . del ws+ " " . store val . eol ] +let bracket_entry = [ key k . del ws+ " " . store bracket_val . eol ] +let multi_entry = [ key k . del ws+ " " . store multi_val . eol ] + +let entry = simple_entry|bracket_entry|multi_entry let lns = (entry|Util.comment|Util.empty_dos)* let filter = (incl "/etc/tor/torrc") diff --git a/plinth/modules/tor/forms.py b/plinth/modules/tor/forms.py index baca3df64..00509b0e9 100644 --- a/plinth/modules/tor/forms.py +++ b/plinth/modules/tor/forms.py @@ -49,7 +49,8 @@ def bridges_validator(bridges): parts = bridge.split() # IP:ORPort is required, transport and fingerprint are optional. - if len(parts) < 1 or len(parts) > 3: + # Transports may have additional options after the fingerprint. + if len(parts) < 1: raise ValidationError( BRIDGE_VALIDATION_ERROR_MESSAGE, code='invalid') @@ -94,7 +95,8 @@ class TorForm(forms.Form): # pylint: disable=W0232 help_text=_('If you need to use a bridge to connect to Tor network, ' 'you can get some bridges from ' 'https://bridges.torproject.org/ and paste the bridge ' - 'information here.'), + 'information here. Note: If you need to use a pluggable ' + 'transport, only obfs4 is supported currently.'), validators=[bridges_validator]) relay_enabled = forms.BooleanField( label=_('Enable Tor relay'),