Functions for tor bridges

Bob Mottram 2016-12-21 15:26:49 +00:00
parent 877935aeca
commit e36c962b7d
2 changed files with 134 additions and 21 deletions


@ -751,6 +751,53 @@ function store_passwords {
esac esac
} }
function show_tor_bridges {
echo -n ''
}
function add_tor_bridge {
echo -n ''
}
function remove_tor_bridge {
echo -n ''
}
function menu_security_settings {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
dialog --backtitle $"Freedombone Control Panel" \
--title $"Tor Bridges" \
--radiolist $"Choose an operation:" 12 50 4 \
1 $"Show bridges" off \
2 $"Add a bridge" off \
3 $"Remove a bridge" off \
4 $"Go Back/Exit" on 2> $data
sel=$?
case $sel in
1) exit 1;;
255) exit 1;;
esac
case $(cat $data) in
1)
show_tor_bridges
exit 0
;;
2)
add_tor_bridge
exit 0
;;
3)
remove_tor_bridge
exit 0
;;
4)
exit 0
;;
esac
}
function menu_security_settings { function menu_security_settings {
data=$(tempfile 2>/dev/null) data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15 trap "rm -f $data" 0 1 2 5 15
@ -759,17 +806,18 @@ function menu_security_settings {
--radiolist $"Choose an operation:" 20 76 20 \ --radiolist $"Choose an operation:" 20 76 20 \
1 $"Run STIG tests" off \ 1 $"Run STIG tests" off \
2 $"Show ssh host public key" off \ 2 $"Show ssh host public key" off \
3 $"Password storage" off \ 3 $"Tor bridges" off \
4 $"Export passwords" off \ 4 $"Password storage" off \
5 $"Regenerate ssh host keys" off \ 5 $"Export passwords" off \
6 $"Regenerate Diffie-Hellman keys" off \ 6 $"Regenerate ssh host keys" off \
7 $"Update cipersuite" off \ 7 $"Regenerate Diffie-Hellman keys" off \
8 $"Create a new Let's Encrypt certificate" off \ 8 $"Update cipersuite" off \
9 $"Renew Let's Encrypt certificate" off \ 9 $"Create a new Let's Encrypt certificate" off \
10 $"Enable GPG based authentication (monkeysphere)" off \ 10 $"Renew Let's Encrypt certificate" off \
11 $"Register a website with monkeysphere" off \ 11 $"Enable GPG based authentication (monkeysphere)" off \
12 $"Allow ssh login with passwords" off \ 12 $"Register a website with monkeysphere" off \
13 $"Go Back/Exit" on 2> $data 13 $"Allow ssh login with passwords" off \
14 $"Go Back/Exit" on 2> $data
sel=$? sel=$?
case $sel in case $sel in
1) exit 1;; 1) exit 1;;
@ -804,41 +852,45 @@ function menu_security_settings {
exit 0 exit 0
;; ;;
3) 3)
store_passwords menu_tor_bridges
exit 0 exit 0
;; ;;
4) 4)
export_passwords store_passwords
exit 0 exit 0
;; ;;
5) 5)
regenerate_ssh_host_keys export_passwords
exit 0
;; ;;
6) 6)
regenerate_dh_keys regenerate_ssh_host_keys
;; ;;
7) 7)
regenerate_dh_keys
;;
8)
interactive_setup interactive_setup
update_ciphersuite update_ciphersuite
;; ;;
8) 9)
create_letsencrypt create_letsencrypt
;; ;;
9) 10)
renew_letsencrypt renew_letsencrypt
;; ;;
10) 11)
enable_monkeysphere enable_monkeysphere
;; ;;
11) 12)
register_website register_website
;; ;;
12) 13)
allow_ssh_passwords allow_ssh_passwords
change_ssh_settings change_ssh_settings
exit 0 exit 0
;; ;;
13) 14)
exit 0 exit 0
;; ;;
esac esac
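Review bot: The new Tor Bridges menu at the top of this section is declared as `function menu_security_settings {`, but the new option 3 in the security menu calls `menu_tor_bridges`, which is not defined in any visible hunk. Because the real `menu_security_settings` is defined again directly below it, the Tor Bridges definition is overwritten when the file is loaded, and choosing "Tor bridges" would presumably fail with command-not-found before reaching `exit 0`. Rename the first definition to `function menu_tor_bridges {`. The handlers it dispatches to (`show_tor_bridges`, `add_tor_bridge`, `remove_tor_bridge`) are still `echo -n ''` stubs, so a comment such as `# TODO: placeholder, not yet wired to tor_add_bridge/tor_remove_bridge` would keep the menu from looking functional. The body of `menu_security_settings` continues outside these hunks.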


@ -402,4 +402,65 @@ function get_app_onion_address {
echo "" echo ""
} }
function tor_add_bridge {
bridge_ip_address="$1"
bridge_port="$2"
bridge_key="$3"
bridge_type='obfs4'
if [[ "$bridge_ip_address" != *"."* ]]; then
return
fi
if [ ${#bridge_port} -eq 0 ]; then
return
fi
if [ ${#bridge_key} -eq 0 ]; then
return
fi
apt-get install obfs4proxy
if grep "ClientTransportPlugin" /etc/tor/torrc; then
sed -i 's|#ClientTransportPlugin|ClientTransportPlugin|g' /etc/tor/torrc
sed -i 's|# ClientTransportPlugin|ClientTransportPlugin|g' /etc/tor/torrc
sed -i 's|ClientTransportPlugin.*|ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed|g' /etc/tor/torrc
else
echo 'ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed' >> /etc/tor/torrc
fi
if grep "UseBridges" /etc/tor/torrc; then
sed -i 's|#UseBridges|UseBridges|g' /etc/tor/torrc
sed -i 's|# UseBridges|UseBridges|g' /etc/tor/torrc
sed -i 's|UseBridges.*|UseBridges 1|g' /etc/tor/torrc
else
echo 'UseBridges 1' >> /etc/tor/torrc
fi
bridge_str="bridge $bridge_type ${bridge_ip_address}:${bridge_port} ${bridge_key}"
if ! grep "${bridge_str}" /etc/tor/torrc; then
sed -i "/UseBridges/a ${bridge_str}" >> /etc/tor/torrc
fi
systemctl restart tor
}
function tor_remove_bridge {
bridge_ip_address="$1"
bridge_type='obfs4'
bridge_str="bridge $bridge_type ${bridge_ip_address}"
if grep "${bridge_str}" /etc/tor/torrc; then
sed -i "/${bridge_str}/d" /etc/tor/torrc
fi
if ! grep "bridge " /etc/tor/torrc; then
if ! grep "#UseBridges" /etc/tor/torrc; then
sed -i 's|UseBridges|#UseBridges|g' /etc/tor/torrc
fi
if ! grep "#ClientTransportPlugin" /etc/tor/torrc; then
sed -i 's|ClientTransportPlugin|#ClientTransportPlugin|g' /etc/tor/torrc
fi
fi
systemctl restart tor
}
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0
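Review bot: In `tor_add_bridge` the line `sed -i "/UseBridges/a ${bridge_str}" >> /etc/tor/torrc` gives sed no file operand, so the bridge entry is never inserted into torrc even though `UseBridges 1` is enabled and tor is restarted; it should read `sed -i "/UseBridges/a ${bridge_str}" /etc/tor/torrc`. The arguments are also interpolated into sed and grep patterns after only a `*"."*` check on the address, so a `/`, a regex metacharacter, or an empty `$1` in `tor_remove_bridge` (where the pattern collapses to `bridge obfs4 ` and matches every obfs4 bridge line) can alter or delete more of torrc than intended. Validate before use, e.g. `[[ "$bridge_ip_address" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || return 1` and `[[ "$bridge_port" =~ ^[0-9]+$ ]] || return 1`, and use `grep -qF --` for the existence checks. The early bare `return`s exit with status 0, so a caller cannot tell a rejected bridge from one that was added.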