From c83e7d5f81c1a86f156355ad4e04f73b94308452 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 19 Aug 2013 17:33:23 +0200 Subject: [PATCH 01/19] ovpnmain.cgi: Fix remote IP address validation. --- html/cgi-bin/ovpnmain.cgi | 50 +++++++++++++++++++-------------------- 1 file changed, 24 insertions(+), 26 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 5e18d3cb5..e6ea1ef59 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -3604,35 +3604,33 @@ if ($cgiparams{'TYPE'} eq 'net') { } # Check if a remote host/IP has been set for the client. - if ($cgiparams{'REMOTE'} eq '' && $cgiparams{'SIDE'} ne 'server') { - $errormessage = $Lang::tr{'invalid input for remote host/ip'}; + if ($cgiparams{'TYPE'} eq 'net') { + if ($cgiparams{'SIDE'} ne 'server' && $cgiparams{'REMOTE'} eq '') { + $errormessage = $Lang::tr{'invalid input for remote host/ip'}; - # Check if this is a N2N connection and drop temporary config. - if ($cgiparams{'TYPE'} eq 'net') { - unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; - rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; - } - goto VPNCONF_ERROR; - } - - # Check if a remote host/IP has been configured - the field can be empty on the server side. - if ($cgiparams{'REMOTE'} ne '') { - - # Check if the given IP is valid - otherwise check if it is a valid domain. - if (! &General::validip($cgiparams{'REMOTE'})) { - - # Check for a valid domain. - if (! &General::validfqdn ($cgiparams{'REMOTE'})) { - $errormessage = $Lang::tr{'invalid input for remote host/ip'}; - - # Check if this is a N2N connection and drop temporary config. - if ($cgiparams{'TYPE'} eq 'net') { + # Check if this is a N2N connection and drop temporary config. unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; - rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; - } - goto VPNCONF_ERROR; + rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; + + goto VPNCONF_ERROR; + } + + # Check if a remote host/IP has been configured - the field can be empty on the server side. + if ($cgiparams{'REMOTE'} ne '') { + # Check if the given IP is valid - otherwise check if it is a valid domain. + if (! &General::validip($cgiparams{'REMOTE'})) { + # Check for a valid domain. + if (! &General::validfqdn ($cgiparams{'REMOTE'})) { + $errormessage = $Lang::tr{'invalid input for remote host/ip'}; + + # Check if this is a N2N connection and drop temporary config. + unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; + rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; + + goto VPNCONF_ERROR; + } + } } - } } if ($cgiparams{'TYPE'} ne 'host') { From 67df3c3f1c3dc12d4238c617d91bb6622024efa2 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 19 Aug 2013 17:40:57 +0200 Subject: [PATCH 02/19] ovpnmain.cgi: Don't fail if files are not existant. N2N connections could not be deleted if they have never been started. --- html/cgi-bin/ovpnmain.cgi | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index e6ea1ef59..73e610bfd 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -2195,14 +2195,15 @@ else # m.a.d net2net ### - if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { - +if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { my $conffile = glob("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]/$confighash{$cgiparams{'KEY'}}[1].conf"); - my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12"); - unlink ($certfile) or die "Removing $certfile fail: $!"; - unlink ($conffile) or die "Removing $conffile fail: $!"; - rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!"; - + my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12"); + unlink ($certfile); + unlink ($conffile); + + if (-e "${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") { + rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!"; + } } unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem"); From 529ac19c466e3c1c079d6c8d73d21c3016edae59 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 19 Aug 2013 13:23:51 +0200 Subject: [PATCH 03/19] tor: Only start tor when it has been enabled. --- src/initscripts/init.d/tor | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/initscripts/init.d/tor b/src/initscripts/init.d/tor index e27241f56..4fef577ac 100644 --- a/src/initscripts/init.d/tor +++ b/src/initscripts/init.d/tor @@ -9,6 +9,10 @@ . /etc/sysconfig/rc . ${rc_functions} +function tor_is_enabled() { + [ "${TOR_ENABLED}" = "on" ] || [ "${TOR_RELAY_ENABLED}" = "on" ] +} + function setup_firewall() { eval $(/usr/local/bin/readhash /var/ipfire/tor/settings) @@ -27,6 +31,8 @@ function flush_firewall() { case "${1}" in start) + tor_is_enabled || exit 0 + # Setup firewall. setup_firewall From 3387469bdb06af775d8708db7a743c95d3d2ca27 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Sun, 18 Aug 2013 12:11:58 +0200 Subject: [PATCH 04/19] tor: added daemon stats and little changes on styling --- html/cgi-bin/tor.cgi | 103 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 82 insertions(+), 21 deletions(-) mode change 100644 => 100755 html/cgi-bin/tor.cgi diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi old mode 100644 new mode 100755 index 2a31dd4bf..a1d0ae72f --- a/html/cgi-bin/tor.cgi +++ b/html/cgi-bin/tor.cgi @@ -57,9 +57,42 @@ my @accounting_periods = ('daily', 'weekly', 'monthly'); my $TOR_CONTROL_PORT = 9051; +my $string=(); +my $memory=(); +my @memory=(); +my @pid=(); +my @tor=(); +sub daemonstats +{ + $memory = 0; + # for pid and memory + open(FILE, '/usr/local/bin/addonctrl tor status | '); + @tor = ; + close(FILE); + $string = join("", @tor); + $string =~ s/[a-z_]//gi; + $string =~ s/\[[0-1]\;[0-9]+//gi; + $string =~ s/[\(\)\.]//gi; + $string =~ s/ //gi; + $string =~ s///gi; + @pid = split(/\s/,$string); + if (open(FILE, "/proc/$pid[0]/statm")){ + my $temp = ; + @memory = split(/ /,$temp); + close(FILE); + } + $memory+=$memory[0]; +} +daemonstats(); + our %netsettings = (); &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); +our %color = (); +our %mainsettings = (); +&General::readhash("${General::swroot}/main/settings", \%mainsettings); +&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); + our %settings = (); $settings{'TOR_ENABLED'} = 'off'; @@ -192,12 +225,37 @@ sub showMainBox() { print "
\n"; - &Header::openbox('100%', 'left', $Lang::tr{'tor configuration'}); + &Header::openbox('100%', 'center', $Lang::tr{'tor'}); + + +if ( ($memory != 0) && (@pid[0] ne "///") ){ + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print "
$Lang::tr{'tor service'}
$Lang::tr{'tor daemon'}$Lang::tr{'running'}
PID$Lang::tr{'memory'}
@pid[0]$memory KB
"; + } else { + print ""; + print ""; + print ""; + print ""; + print "
$Lang::tr{'tor service'}
$Lang::tr{'tor daemon'}$Lang::tr{'stopped'}
"; + } + + &Header::closebox(); + + &Header::openbox('100%', 'center', $Lang::tr{'tor configuration'}); print < + - + @@ -222,12 +280,11 @@ END print < -

-
$Lang::tr{'tor common settings'}$Lang::tr{'tor common settings'}
$Lang::tr{'tor enabled'}:
+
- +
$Lang::tr{'tor acls'}$Lang::tr{'tor acls'}
@@ -244,12 +301,11 @@ END

-

- +
- + @@ -276,7 +332,6 @@ END
$Lang::tr{'tor exit nodes'}$Lang::tr{'tor exit nodes'}
-

END &Header::closebox(); @@ -305,10 +360,10 @@ END } $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected'; - &Header::openbox('100%', 'left', $Lang::tr{'tor relay configuration'}); + &Header::openbox('100%', 'center', $Lang::tr{'tor relay configuration'}); print < +
$Lang::tr{'tor relay mode'}: @@ -342,11 +397,11 @@ END
-
+
- +
- + @@ -407,7 +462,7 @@ END &Header::closebox(); print < +
$Lang::tr{'tor bandwidth settings'}$Lang::tr{'tor bandwidth settings'}
$Lang::tr{'tor bandwidth rate'}:
* $Lang::tr{'this field may be blank'} @@ -418,7 +473,7 @@ END
- +
@@ -429,13 +484,13 @@ END # If we have a control connection, show the stats. if ($torctrl) { - &Header::openbox('100%', 'left', $Lang::tr{'tor stats'}); + &Header::openbox('100%', 'center', $Lang::tr{'tor stats'}); my @traffic = &TorTrafficStats($torctrl); if (@traffic) { print < +
 
END if ($settings{'TOR_RELAY_ENABLED'} eq 'on') { @@ -476,7 +531,7 @@ END my $accounting = &TorAccountingStats($torctrl); if ($accounting) { print < +
@@ -527,7 +582,7 @@ END if (@nodes) { my $nodes_length = scalar @nodes; print < +
$Lang::tr{'tor accounting'}
@@ -546,7 +601,11 @@ END END if (exists($node->{'country_code'})) { + if ($node->{'country_code'} eq '??') { + print ""; + } else { print "$node->{"; + } } print </dev/null"); } + # Update pid and memory + daemonstats(); } sub TorConnect() { From 8505f1ff4c743b98f4e72c0275f60ddaa06627f9 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Sun, 18 Aug 2013 12:18:50 +0200 Subject: [PATCH 05/19] tor: new stings added to language files --- langs/de/cgi-bin/de.pl | 2 ++ langs/en/cgi-bin/en.pl | 2 ++ 2 files changed, 4 insertions(+) diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index a0c426f3f..584bee59e 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1817,6 +1817,7 @@ 'tor configuration' => 'Tor-Konfiguration', 'tor connected relays' => 'Verbundene Relays', 'tor contact info' => 'Kontaktinformationen', +'tor daemon' => 'Daemon', 'tor enabled' => 'Tor einschalten', 'tor errmsg invalid accounting limit' => 'Ungültiges Accounting-Limit', 'tor errmsg invalid ip or mask' => 'Ungültiges IP-Subnetz', @@ -1839,6 +1840,7 @@ 'tor relay mode relay' => 'Nur Relay', 'tor relay nickname' => 'Relay-Nickname', 'tor relay port' => 'Relay-Port', +'tor service' => 'Tor Service', 'tor socks port' => 'SOCKS-Port', 'tor stats' => 'Statistiken', 'tor traffic limit hard' => 'Das Übertragungslimit wurde erreicht.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index b12ae7d2e..7035bed24 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1852,6 +1852,7 @@ 'tor configuration' => 'Tor Configuration', 'tor connected relays' => 'Connected relays', 'tor contact info' => 'Contact Info', +'tor daemon' => 'Daemon', 'tor enabled' => 'Enable Tor', 'tor errmsg invalid accounting limit' => 'Invalid accounting limit', 'tor errmsg invalid ip or mask' => 'Invalid IP subnet', @@ -1875,6 +1876,7 @@ 'tor relay mode relay' => 'Relay only', 'tor relay nickname' => 'Relay nickname', 'tor relay port' => 'Relay port', +'tor service' => 'Tor Service', 'tor socks port' => 'SOCKS port', 'tor stats' => 'Statistics', 'tor traffic limit hard' => 'Traffic limit has been reached.', From 0006d11060177a506c675f18c4678e0b7f82c3a9 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 19 Aug 2013 13:20:42 +0200 Subject: [PATCH 06/19] translation: Fix typo. --- doc/language_issues.es | 2 ++ doc/language_issues.fr | 2 ++ doc/language_issues.nl | 2 ++ doc/language_issues.pl | 2 ++ doc/language_issues.ru | 2 ++ doc/language_issues.tr | 2 ++ doc/language_missings | 8 ++++++++ langs/de/cgi-bin/de.pl | 2 +- 8 files changed, 21 insertions(+), 1 deletion(-) diff --git a/doc/language_issues.es b/doc/language_issues.es index 790ce1acc..fe4635527 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -642,6 +642,7 @@ WARNING: untranslated string: tor common settings WARNING: untranslated string: tor configuration WARNING: untranslated string: tor connected relays WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor daemon WARNING: untranslated string: tor enabled WARNING: untranslated string: tor errmsg invalid accounting limit WARNING: untranslated string: tor errmsg invalid ip or mask @@ -663,6 +664,7 @@ WARNING: untranslated string: tor relay mode private bridge WARNING: untranslated string: tor relay mode relay WARNING: untranslated string: tor relay nickname WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor service WARNING: untranslated string: tor socks port WARNING: untranslated string: tor stats WARNING: untranslated string: tor traffic limit hard diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 41d8d9d78..d5a10574f 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -627,6 +627,7 @@ WARNING: untranslated string: tor common settings WARNING: untranslated string: tor configuration WARNING: untranslated string: tor connected relays WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor daemon WARNING: untranslated string: tor enabled WARNING: untranslated string: tor errmsg invalid accounting limit WARNING: untranslated string: tor errmsg invalid ip or mask @@ -648,6 +649,7 @@ WARNING: untranslated string: tor relay mode private bridge WARNING: untranslated string: tor relay mode relay WARNING: untranslated string: tor relay nickname WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor service WARNING: untranslated string: tor socks port WARNING: untranslated string: tor stats WARNING: untranslated string: tor traffic limit hard diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 46838b024..c8249ff7a 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -544,6 +544,7 @@ WARNING: untranslated string: tor common settings WARNING: untranslated string: tor configuration WARNING: untranslated string: tor connected relays WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor daemon WARNING: untranslated string: tor enabled WARNING: untranslated string: tor errmsg invalid accounting limit WARNING: untranslated string: tor errmsg invalid ip or mask @@ -565,6 +566,7 @@ WARNING: untranslated string: tor relay mode private bridge WARNING: untranslated string: tor relay mode relay WARNING: untranslated string: tor relay nickname WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor service WARNING: untranslated string: tor socks port WARNING: untranslated string: tor stats WARNING: untranslated string: tor traffic limit hard diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 790ce1acc..fe4635527 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -642,6 +642,7 @@ WARNING: untranslated string: tor common settings WARNING: untranslated string: tor configuration WARNING: untranslated string: tor connected relays WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor daemon WARNING: untranslated string: tor enabled WARNING: untranslated string: tor errmsg invalid accounting limit WARNING: untranslated string: tor errmsg invalid ip or mask @@ -663,6 +664,7 @@ WARNING: untranslated string: tor relay mode private bridge WARNING: untranslated string: tor relay mode relay WARNING: untranslated string: tor relay nickname WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor service WARNING: untranslated string: tor socks port WARNING: untranslated string: tor stats WARNING: untranslated string: tor traffic limit hard diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 670069683..ef7b31c2e 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -607,6 +607,7 @@ WARNING: untranslated string: tor common settings WARNING: untranslated string: tor configuration WARNING: untranslated string: tor connected relays WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor daemon WARNING: untranslated string: tor enabled WARNING: untranslated string: tor errmsg invalid accounting limit WARNING: untranslated string: tor errmsg invalid ip or mask @@ -628,6 +629,7 @@ WARNING: untranslated string: tor relay mode private bridge WARNING: untranslated string: tor relay mode relay WARNING: untranslated string: tor relay nickname WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor service WARNING: untranslated string: tor socks port WARNING: untranslated string: tor stats WARNING: untranslated string: tor traffic limit hard diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 6c4502fd6..1821fb45b 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -540,6 +540,7 @@ WARNING: untranslated string: tor common settings WARNING: untranslated string: tor configuration WARNING: untranslated string: tor connected relays WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor daemon WARNING: untranslated string: tor enabled WARNING: untranslated string: tor errmsg invalid accounting limit WARNING: untranslated string: tor errmsg invalid ip or mask @@ -561,6 +562,7 @@ WARNING: untranslated string: tor relay mode private bridge WARNING: untranslated string: tor relay mode relay WARNING: untranslated string: tor relay nickname WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor service WARNING: untranslated string: tor socks port WARNING: untranslated string: tor stats WARNING: untranslated string: tor traffic limit hard diff --git a/doc/language_missings b/doc/language_missings index 3c611e617..865a42a56 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -136,6 +136,7 @@ < tor configuration < tor connected relays < tor contact info +< tor daemon < tor enabled < tor errmsg invalid accounting limit < tor errmsg invalid ip or mask @@ -158,6 +159,7 @@ < tor relay mode relay < tor relay nickname < tor relay port +< tor service < tor socks port < tor stats < tor traffic limit hard @@ -371,6 +373,7 @@ < tor configuration < tor connected relays < tor contact info +< tor daemon < tor enabled < tor errmsg invalid accounting limit < tor errmsg invalid ip or mask @@ -393,6 +396,7 @@ < tor relay mode relay < tor relay nickname < tor relay port +< tor service < tor socks port < tor stats < tor traffic limit hard @@ -558,6 +562,7 @@ < tor configuration < tor connected relays < tor contact info +< tor daemon < tor enabled < tor errmsg invalid accounting limit < tor errmsg invalid ip or mask @@ -580,6 +585,7 @@ < tor relay mode relay < tor relay nickname < tor relay port +< tor service < tor socks port < tor stats < tor traffic limit hard @@ -750,6 +756,7 @@ < tor configuration < tor connected relays < tor contact info +< tor daemon < tor enabled < tor errmsg invalid accounting limit < tor errmsg invalid ip or mask @@ -772,6 +779,7 @@ < tor relay mode relay < tor relay nickname < tor relay port +< tor service < tor socks port < tor stats < tor traffic limit hard diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 584bee59e..b55179f6d 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1840,7 +1840,7 @@ 'tor relay mode relay' => 'Nur Relay', 'tor relay nickname' => 'Relay-Nickname', 'tor relay port' => 'Relay-Port', -'tor service' => 'Tor Service', +'tor service' => 'Tor-Service', 'tor socks port' => 'SOCKS-Port', 'tor stats' => 'Statistiken', 'tor traffic limit hard' => 'Das Übertragungslimit wurde erreicht.', From 9e4945393d205da3f1a599651c6e94cbce386ecd Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Sun, 18 Aug 2013 12:42:24 +0200 Subject: [PATCH 07/19] tor: added startup files --- lfs/tor | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lfs/tor b/lfs/tor index 8bce4be8f..ae63d961a 100644 --- a/lfs/tor +++ b/lfs/tor @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 1 +PAK_VER = 2 DEPS = "libevent2" @@ -107,6 +107,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) install -v -m 644 $(DIR_SRC)/config/tor/defaults-torrc \ /usr/share/tor/defaults-torrc + # Install start links and backup include file. + ln -sf ../init.d/tor /etc/rc.d/rc3.d/S60tor + ln -sf ../init.d/tor /etc/rc.d/rc0.d/K40tor + ln -sf ../init.d/tor /etc/rc.d/rc6.d/K40tor install -v -m 644 $(DIR_SRC)/config/backup/includes/tor \ /var/ipfire/backup/addons/includes/tor @rm -rf $(DIR_APP) From 26cce22da0ffd9b861e6734e943238bc9a2b512c Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 20 Aug 2013 10:39:40 +0200 Subject: [PATCH 08/19] tor.cgi: Remember selected exit node country. --- html/cgi-bin/tor.cgi | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi index a1d0ae72f..b920724de 100755 --- a/html/cgi-bin/tor.cgi +++ b/html/cgi-bin/tor.cgi @@ -321,7 +321,13 @@ END foreach my $country_name (sort @country_names) { my $country_code = Locale::Country::country2code($country_name); $country_code = uc($country_code); - print "\n"; + print "\n"; } print < Date: Thu, 22 Aug 2013 17:26:23 +0200 Subject: [PATCH 09/19] tor: Rootfile update. --- config/rootfiles/packages/tor | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config/rootfiles/packages/tor b/config/rootfiles/packages/tor index 8eb6dad17..58de7da86 100644 --- a/config/rootfiles/packages/tor +++ b/config/rootfiles/packages/tor @@ -1,6 +1,9 @@ #etc/logrotate.d etc/logrotate.d/tor etc/rc.d/init.d/tor +etc/rc.d/rc0.d/K40tor +etc/rc.d/rc3.d/S60tor +etc/rc.d/rc6.d/K40tor #etc/tor etc/tor/tor-tsocks.conf etc/tor/torrc From ae650f95188e206cd3e3cbca5445f3ed074cb66f Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sat, 24 Aug 2013 17:19:36 +0200 Subject: [PATCH 10/19] tor: Fix initscript (again). --- src/initscripts/init.d/tor | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/initscripts/init.d/tor b/src/initscripts/init.d/tor index 4fef577ac..d631e867f 100644 --- a/src/initscripts/init.d/tor +++ b/src/initscripts/init.d/tor @@ -9,13 +9,13 @@ . /etc/sysconfig/rc . ${rc_functions} +eval $(/usr/local/bin/readhash /var/ipfire/tor/settings) + function tor_is_enabled() { [ "${TOR_ENABLED}" = "on" ] || [ "${TOR_RELAY_ENABLED}" = "on" ] } function setup_firewall() { - eval $(/usr/local/bin/readhash /var/ipfire/tor/settings) - # Flush all rules. flush_firewall From cd010e09a321ab562ff45da1b27e521da160c71f Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 24 Aug 2013 18:38:34 +0200 Subject: [PATCH 11/19] tor: bump package version nr. --- lfs/tor | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lfs/tor b/lfs/tor index ae63d961a..6161a5648 100644 --- a/lfs/tor +++ b/lfs/tor @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 2 +PAK_VER = 3 DEPS = "libevent2" From b31af08582737abd3913809bdf38147b6316973a Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Fri, 6 Sep 2013 22:01:21 +0200 Subject: [PATCH 12/19] tor: valid client names are max. 19 characters long changed that in tor.cgi --- html/cgi-bin/tor.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi index b920724de..689a80aee 100755 --- a/html/cgi-bin/tor.cgi +++ b/html/cgi-bin/tor.cgi @@ -382,7 +382,7 @@ END From ae666bf128e8660512a6fe0a12eda22c4b126446 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Fri, 6 Sep 2013 22:05:10 +0200 Subject: [PATCH 13/19] tor: fixed display of not founded country flags in tor.cgi --- html/cgi-bin/tor.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi index 689a80aee..b6526b91c 100755 --- a/html/cgi-bin/tor.cgi +++ b/html/cgi-bin/tor.cgi @@ -607,7 +607,7 @@ END END if (exists($node->{'country_code'})) { - if ($node->{'country_code'} eq '??') { + if (!$node->{'country_code'} or $node->{'country_code'} eq '??') { print ""; } else { print "$node->{"; From 4245fe34792cb67b1fe4b073e3b4d71014c3b277 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Sat, 7 Sep 2013 14:47:28 +0200 Subject: [PATCH 14/19] tor: added directory port to tor.cgi --- html/cgi-bin/tor.cgi | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi index b6526b91c..befd50834 100755 --- a/html/cgi-bin/tor.cgi +++ b/html/cgi-bin/tor.cgi @@ -108,6 +108,7 @@ $settings{'TOR_RELAY_ENABLED'} = 'off'; $settings{'TOR_RELAY_MODE'} = 'exit'; $settings{'TOR_RELAY_ADDRESS'} = ''; $settings{'TOR_RELAY_PORT'} = 9001; +$settings{'TOR_RELAY_DIRPORT'} = 0; $settings{'TOR_RELAY_NICKNAME'} = ''; $settings{'TOR_RELAY_CONTACT_INFO'} = ''; $settings{'TOR_RELAY_BANDWIDTH_RATE'} = 0; @@ -143,6 +144,11 @@ if ($settings{'ACTION'} eq $Lang::tr{'save'}) { if (!&General::validport($settings{'TOR_RELAY_PORT'})) { $errormessage = "$Lang::tr{'tor errmsg invalid relay port'}: $settings{'TOR_RELAY_PORT'}"; } + if ($settings{'TOR_RELAY_DIRPORT'} ne '0') { + if (!&General::validport($settings{'TOR_RELAY_DIRPORT'})) { + $errormessage = "$Lang::tr{'tor errmsg invalid directory port'}: $settings{'TOR_RELAY_DIRPORT'}"; + } + } if ($settings{'TOR_RELAY_ADDRESS'} ne '') { if ((!&General::validfqdn($settings{'TOR_RELAY_ADDRESS'})) && (!&General::validip($settings{'TOR_RELAY_ADDRESS'}))) { @@ -395,6 +401,14 @@ END + + + + + +
$Lang::tr{'tor connected relays'} ($nodes_length)$Lang::tr{'tor relay nickname'}: * - +
  $Lang::tr{'tor directory port'}: +  $Lang::tr{'tor 0 = disabled'} +
$Lang::tr{'tor contact info'}: * @@ -683,6 +697,10 @@ sub BuildConfiguration() { print FILE "ORPort $settings{'TOR_RELAY_PORT'}\n"; + if ($settings{'TOR_RELAY_DIRPORT'} ne '0') { + print FILE "DirPort $settings{'TOR_RELAY_DIRPORT'}\n"; + } + if ($settings{'TOR_RELAY_ADDRESS'} ne '') { print FILE "Address $settings{'TOR_RELAY_ADDRESS'}\n"; } From 53f7ba12e8d0ba9f9c72e075b4a9e4e5c4a4ac00 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Sat, 7 Sep 2013 14:50:06 +0200 Subject: [PATCH 15/19] tor: increased pakfire version --- lfs/tor | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lfs/tor b/lfs/tor index 6161a5648..68381503f 100644 --- a/lfs/tor +++ b/lfs/tor @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 3 +PAK_VER = 4 DEPS = "libevent2" From e122dd636659d9e97dcd0441717955de04a737b6 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Sat, 7 Sep 2013 14:52:02 +0200 Subject: [PATCH 16/19] tor: changed init script due to directory port option --- src/initscripts/init.d/tor | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/initscripts/init.d/tor b/src/initscripts/init.d/tor index d631e867f..9c1dfc769 100644 --- a/src/initscripts/init.d/tor +++ b/src/initscripts/init.d/tor @@ -22,6 +22,10 @@ function setup_firewall() { if [ "${TOR_RELAY_ENABLED}" = "on" -a -n "${TOR_RELAY_PORT}" ]; then iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_PORT}" -j ACCEPT fi + + if [ "${TOR_RELAY_ENABLED}" = "on" -a -n "${TOR_RELAY_DIRPORT}" ] && [ "${TOR_RELAY_DIRPORT}" -ne 0 ]; then + iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_DIRPORT}" -j ACCEPT + fi } function flush_firewall() { From 8e0d8bfd4d61656bec48a63d7a9263aed8f0da94 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Sat, 7 Sep 2013 14:55:55 +0200 Subject: [PATCH 17/19] tor: added new strings for directory port --- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index b55179f6d..c620629cc 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1798,6 +1798,7 @@ 'tone dial' => 'Tonwahl:', 'too long 80 char max' => ' ist zu lang, es sind maximal 80 Zeichen erlaubt', 'tor' => 'Tor', +'tor 0 = disabled' => '0 = deaktiviert', 'tor accounting' => 'Accounting', 'tor accounting bytes' => 'Traffic (empfangen/gesendet)', 'tor accounting bytes left' => 'übrig', @@ -1818,11 +1819,13 @@ 'tor connected relays' => 'Verbundene Relays', 'tor contact info' => 'Kontaktinformationen', 'tor daemon' => 'Daemon', +'tor directory port' => 'Directory-Port', 'tor enabled' => 'Tor einschalten', 'tor errmsg invalid accounting limit' => 'Ungültiges Accounting-Limit', +'tor errmsg invalid directory port' => 'Ungültiger Directory-Port', 'tor errmsg invalid ip or mask' => 'Ungültiges IP-Subnetz', 'tor errmsg invalid relay address' => 'Ungültige Relay-Adresse', -'tor errmsg invalid relay name' => 'Ungültiger Relay-Nickname.', +'tor errmsg invalid relay name' => 'Ungültiger Relay-Nickname', 'tor errmsg invalid relay port' => 'Ungültiger Relay-Port', 'tor errmsg invalid socks port' => 'Ungültiger SOCKS-Port', 'tor exit country' => 'Exit-Land', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 7035bed24..22d906a32 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1832,6 +1832,7 @@ 'tone dial' => 'Tone dial:', 'too long 80 char max' => ' is too long, maximum allowed is 80 characters', 'tor' => 'Tor', +'tor 0 = disabled' => '0 = disabled', 'tor accounting' => 'Accounting', 'tor accounting bytes' => 'Traffic (read/written)', 'tor accounting bytes left' => 'left', @@ -1853,8 +1854,10 @@ 'tor connected relays' => 'Connected relays', 'tor contact info' => 'Contact Info', 'tor daemon' => 'Daemon', +'tor directory port' => 'Directory port', 'tor enabled' => 'Enable Tor', 'tor errmsg invalid accounting limit' => 'Invalid accounting limit', +'tor errmsg invalid directory port' => 'Invalid directory port', 'tor errmsg invalid ip or mask' => 'Invalid IP subnet', 'tor errmsg invalid node id' => 'Invalid node ID', 'tor errmsg invalid relay address' => 'Invalid relay address', From c6137209a4fa72de7ea13be0c0713bddf57c0f38 Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Thu, 12 Sep 2013 21:36:06 +0200 Subject: [PATCH 18/19] tor: update to 0.2.4.17-rc --- lfs/tor | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/tor b/lfs/tor index 68381503f..795f7c3eb 100644 --- a/lfs/tor +++ b/lfs/tor @@ -24,7 +24,7 @@ include Config -VER = 0.2.3.25 +VER = 0.2.4.17-rc THISAPP = tor-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = a1c364189a9a66ed9daa8e6436489daf +$(DL_FILE)_MD5 = 2cdfb8dcc3306a43cf465a858bf97b2d install : $(TARGET) From f64c99631116407320ea362121b3698c60c3a40c Mon Sep 17 00:00:00 2001 From: Jan Paul Tuecking Date: Fri, 13 Sep 2013 15:17:25 +0200 Subject: [PATCH 19/19] tor: changed rootfiles due to tor update --- config/rootfiles/packages/tor | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/config/rootfiles/packages/tor b/config/rootfiles/packages/tor index 58de7da86..f9c657c88 100644 --- a/config/rootfiles/packages/tor +++ b/config/rootfiles/packages/tor @@ -5,7 +5,7 @@ etc/rc.d/rc0.d/K40tor etc/rc.d/rc3.d/S60tor etc/rc.d/rc6.d/K40tor #etc/tor -etc/tor/tor-tsocks.conf +#etc/tor/tor-tsocks.conf etc/tor/torrc srv/web/ipfire/cgi-bin/tor.cgi usr/bin/tor @@ -25,6 +25,7 @@ usr/local/bin/torctrl usr/share/tor usr/share/tor/defaults-torrc usr/share/tor/geoip +usr/share/tor/geoip6 var/ipfire/backup/addons/includes/tor var/ipfire/menu.d/EX-tor.menu var/ipfire/tor