mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-21 07:55:00 +00:00
b0c75b7849
- Includes SocksPort and "Download software packages over Tor" feature,
as well as setting upstream bridges.
- "Download software packages over Tor" option is enabled by default.
- When upgrading, if Tor app was enabled and "Download software
packages over Tor" was enabled, then Tor Proxy will be installed.
- The default tor instance is now called tor@default. The "tor" service
is an multi-instance master that has Wants relation all instances.
Tests:
- Tests for Tor and Tor Proxy passed.
- Enable Tor, and run the tests for Tor Proxy. Afterwards, Tor is still
enabled and running.
- Enable Tor Proxy, and run the tests for Tor. Afterwards, Tor Proxy is
still enabled and running.
- Test setting upstream bridges for Tor and Tor Proxy.
- Install FreedomBox 23.11 in a VM and install Tor with default
settings. Install new FreedomBox version with Tor Proxy. After
install, both Tor and Tor Proxy apps are installed and running.
/etc/tor/instances/{plinth,fbxproxy}/torrc both have expected content.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
76 lines
2.4 KiB
Python
76 lines
2.4 KiB
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
"""Tor Proxy utility functions."""
|
|
|
|
import itertools
|
|
|
|
import augeas
|
|
|
|
from plinth import app as app_module
|
|
from plinth.daemon import app_is_running
|
|
|
|
from . import privileged
|
|
|
|
APT_SOURCES_URI_PATHS = ('/files/etc/apt/sources.list/*/uri',
|
|
'/files/etc/apt/sources.list.d/*/*/uri',
|
|
'/files/etc/apt/sources.list.d/*/*/URIs/*')
|
|
APT_TOR_PREFIX = 'tor+'
|
|
|
|
|
|
def get_status(initialized=True):
|
|
"""Return current Tor status."""
|
|
status = privileged.get_status()
|
|
|
|
app = app_module.App.get('torproxy')
|
|
return {
|
|
'enabled': app.is_enabled() if initialized else False,
|
|
'is_running': app_is_running(app) if initialized else False,
|
|
'use_upstream_bridges': status['use_upstream_bridges'],
|
|
'upstream_bridges': status['upstream_bridges'],
|
|
'apt_transport_tor_enabled': is_apt_transport_tor_enabled()
|
|
}
|
|
|
|
|
|
def iter_apt_uris(aug):
|
|
"""Iterate over all the APT source URIs."""
|
|
return itertools.chain.from_iterable(
|
|
[aug.match(path) for path in APT_SOURCES_URI_PATHS])
|
|
|
|
|
|
def get_augeas():
|
|
"""Return an instance of Augeaus for processing APT configuration."""
|
|
aug = augeas.Augeas(flags=augeas.Augeas.NO_LOAD +
|
|
augeas.Augeas.NO_MODL_AUTOLOAD)
|
|
aug.set('/augeas/load/Aptsources/lens', 'Aptsources.lns')
|
|
aug.set('/augeas/load/Aptsources/incl[last() + 1]',
|
|
'/etc/apt/sources.list')
|
|
aug.set('/augeas/load/Aptsources/incl[last() + 1]',
|
|
'/etc/apt/sources.list.d/*.list')
|
|
aug.set('/augeas/load/Aptsources822/lens', 'Aptsources822.lns')
|
|
aug.set('/augeas/load/Aptsources822/incl[last() + 1]',
|
|
'/etc/apt/sources.list.d/*.sources')
|
|
aug.load()
|
|
|
|
# Check for any errors in parsing sources lists.
|
|
if aug.match('/augeas/files/etc/apt/sources.list/error') or \
|
|
aug.match('/augeas/files/etc/apt/sources.list.d//error'):
|
|
raise Exception('Error parsing sources list')
|
|
|
|
return aug
|
|
|
|
|
|
def is_apt_transport_tor_enabled():
|
|
"""Return whether APT is set to download packages over Tor."""
|
|
try:
|
|
aug = get_augeas()
|
|
except Exception:
|
|
# If there was an error with parsing.
|
|
return False
|
|
|
|
for uri_path in iter_apt_uris(aug):
|
|
uri = aug.get(uri_path)
|
|
if not uri.startswith(APT_TOR_PREFIX) and \
|
|
(uri.startswith('http://') or uri.startswith('https://')):
|
|
return False
|
|
|
|
return True
|