From 38382ec09ce4434cfc23505de8b49c9d0714ffb5 Mon Sep 17 00:00:00 2001 From: James Valleroy Date: Mon, 27 Jun 2016 22:09:47 -0400 Subject: [PATCH] tor: Add option to toggle bridge relay --- actions/tor | 44 ++++++++++++++++++++++++++- plinth/modules/tor/forms.py | 7 +++++ plinth/modules/tor/templates/tor.html | 13 ++++---- plinth/modules/tor/utils.py | 1 + plinth/modules/tor/views.py | 4 +++ 5 files changed, 61 insertions(+), 8 deletions(-) diff --git a/actions/tor b/actions/tor index b6f9c723c..23e16ffdd 100755 --- a/actions/tor +++ b/actions/tor @@ -53,6 +53,8 @@ def parse_arguments(): configure = subparsers.add_parser('configure', help='Configure Tor') configure.add_argument('--service', choices=['enable', 'disable'], help='Configure Tor service') + configure.add_argument('--relay', choices=['enable', 'disable'], + help='Configure relay') configure.add_argument('--hidden-service', choices=['enable', 'disable'], help='Configure hidden service') configure.add_argument('--apt-transport-tor', @@ -123,6 +125,12 @@ def subcommand_configure(arguments): if arguments.service == 'disable': _disable() + restart = arguments.service == None and arguments.hidden_service == None + if arguments.relay == 'enable': + _enable_relay(restart=restart) + elif arguments.relay == 'disable': + _disable_relay(restart=restart) + restart = arguments.service == None if arguments.hidden_service == 'enable': _enable_hs(restart=restart) @@ -140,7 +148,17 @@ def subcommand_configure(arguments): def get_status(): """Return dict with Tor status.""" - return {'ports': get_ports(), 'hidden_service': get_hidden_service()} + return {'relay_enabled': is_relay_enabled(), + 'ports': get_ports(), + 'hidden_service': get_hidden_service()} + + +def is_relay_enabled(): + """Return whether bridge relay is enabled.""" + aug = augeas_load() + orport = aug.get(TOR_CONFIG + '/ORPort') + bridge = aug.get(TOR_CONFIG + '/BridgeRelay') + return orport == 'auto' and bridge == '1' def get_ports(): @@ -227,6 +245,30 @@ def _disable(): action_utils.service_disable('tor') +def _enable_relay(restart=True): + """Enable Tor bridge relay.""" + aug = augeas_load() + aug.set(TOR_CONFIG + '/ORPort', 'auto') + aug.set(TOR_CONFIG + '/BridgeRelay', '1') + aug.save() + + if restart: + if is_enabled() and is_running(): + action_utils.service_restart('tor') + + +def _disable_relay(restart=False): + """Disable Tor bridge relay.""" + aug = augeas_load() + aug.remove(TOR_CONFIG + '/ORPort') + aug.set(TOR_CONFIG + '/BridgeRelay', '0') + aug.save() + + if restart: + if is_enabled() and is_running(): + action_utils.service_restart('tor') + + def _enable_hs(restart=True): """Enable Tor hidden service""" if get_hidden_service()['enabled']: diff --git a/plinth/modules/tor/forms.py b/plinth/modules/tor/forms.py index e4b9abbe8..77d2e0d40 100644 --- a/plinth/modules/tor/forms.py +++ b/plinth/modules/tor/forms.py @@ -31,6 +31,13 @@ class TorForm(forms.Form): # pylint: disable=W0232 enabled = forms.BooleanField( label=_('Enable Tor'), required=False) + relay_enabled = forms.BooleanField( + label=_('Enable Tor bridge relay'), + required=False, + help_text=format_lazy(_( + 'When enabled, your {box_name} will run a Tor bridge relay with ' + 'obfsproxy, so it can help circumvent censorship.'), + box_name=_(cfg.box_name))) hs_enabled = forms.BooleanField( label=_('Enable Tor Hidden Service'), required=False, diff --git a/plinth/modules/tor/templates/tor.html b/plinth/modules/tor/templates/tor.html index d675f1aac..f6a08870c 100644 --- a/plinth/modules/tor/templates/tor.html +++ b/plinth/modules/tor/templates/tor.html @@ -93,17 +93,15 @@ value="{% trans "Update setup" %}"/> -

{% trans "Bridge" %}

- + {% if status.relay_enabled %} +

{% trans "Bridge Relay" %}

{% blocktrans trimmed %} - Your {{ box_name }} is configured as a Tor bridge with obfsproxy, - so it can help circumvent censorship. If your {{ box_name }} is - behind a router or firewall, you should make sure the following - ports are open, and port-forwarded, if necessary: + If your {{ box_name }} is behind a router or firewall, you should + make sure the following ports are open, and port-forwarded, if + necessary: {% endblocktrans %}

-
@@ -124,6 +122,7 @@
+ {% endif %}

{% trans "SOCKS" %}

diff --git a/plinth/modules/tor/utils.py b/plinth/modules/tor/utils.py index b35ad4d90..dbc8afa5e 100644 --- a/plinth/modules/tor/utils.py +++ b/plinth/modules/tor/utils.py @@ -59,6 +59,7 @@ def get_status(): return {'enabled': is_enabled(), 'is_running': is_running(), + 'relay_enabled': status['relay_enabled'], 'ports': ports, 'hs_enabled': hs_info['enabled'], 'hs_status': hs_info['status'], diff --git a/plinth/modules/tor/views.py b/plinth/modules/tor/views.py index 34bfdf1c3..bb5ede0c6 100644 --- a/plinth/modules/tor/views.py +++ b/plinth/modules/tor/views.py @@ -80,6 +80,10 @@ def __apply_changes(request, old_status, new_status): arg_value = 'enable' if new_status['enabled'] else 'disable' arguments.extend(['--service', arg_value]) + if old_status['relay_enabled'] != new_status['relay_enabled']: + arg_value = 'enable' if new_status['relay_enabled'] else 'disable' + arguments.extend(['--relay', arg_value]) + if old_status['hs_enabled'] != new_status['hs_enabled']: arg_value = 'enable' if new_status['hs_enabled'] else 'disable' arguments.extend(['--hidden-service', arg_value])