free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix static analysis failures

This commit is contained in:
Bob Mottram 2018-03-02 20:40:59 +00:00
parent 65ded7b2eb
commit 9a6aee1de7
1 changed files with 52 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
src/freedombone-utils-onion
View File

@ -36,9 +36,9 @@ HIDDEN_SERVICE_PATH='/var/lib/tor/hidden_service_'
function add_email_hostname { function add_email_hostname {
extra_email_hostname="$1" extra_email_hostname="$1"
email_hostnames=$(cat /etc/exim4/update-exim4.conf.conf | grep "dc_other_hostnames" | awk -F "'" '{print $2}') email_hostnames=$(grep "dc_other_hostnames" /etc/exim4/update-exim4.conf.conf | awk -F "'" '{print $2}')
if [[ "$email_hostnames" != *"$extra_email_hostname"* ]]; then if [[ "$email_hostnames" != *"$extra_email_hostname"* ]]; then
sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$emailhostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$email_hostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf
update-exim4.conf update-exim4.conf
dpkg-reconfigure --frontend noninteractive exim4-config dpkg-reconfigure --frontend noninteractive exim4-config
systemctl restart saslauthd systemctl restart saslauthd
@ -54,7 +54,7 @@ function wait_for_onion_service_base {
onion_service_name="$1" onion_service_name="$1"
sleep_ctr=0 sleep_ctr=0
while [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; do while [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; do
sleep 1 sleep 1
sleep_ctr=$((sleep_ctr + 1)) sleep_ctr=$((sleep_ctr + 1))
if [ $sleep_ctr -gt 10 ]; then if [ $sleep_ctr -gt 10 ]; then
@ -66,12 +66,12 @@ function wait_for_onion_service_base {
function wait_for_onion_service { function wait_for_onion_service {
onion_service_name="$1" onion_service_name="$1"
wait_for_onion_service_base ${onion_service_name} wait_for_onion_service_base "${onion_service_name}"
if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
# try a second time # try a second time
onion_update onion_update
wait_for_onion_service_base ${onion_service_name} wait_for_onion_service_base "${onion_service_name}"
fi fi
sync sync
} }
@ -87,22 +87,22 @@ function remove_onion_service {
sed -i "/hidden_service_${onion_service_name}/,+1 d" /etc/tor/torrc sed -i "/hidden_service_${onion_service_name}/,+1 d" /etc/tor/torrc
sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" /etc/tor/torrc sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" /etc/tor/torrc
sed -i "/127.0.0.1:${onion_service_port_to}/d" /etc/tor/torrc sed -i "/127.0.0.1:${onion_service_port_to}/d" /etc/tor/torrc
if [ $3 ]; then if [ "$3" ]; then
sed -i "/127.0.0.1:${3}/d" /etc/tor/torrc sed -i "/127.0.0.1:${3}/d" /etc/tor/torrc
if [ $4 ]; then if [ "$4" ]; then
sed -i "/127.0.0.1:${4}/d" /etc/tor/torrc sed -i "/127.0.0.1:${4}/d" /etc/tor/torrc
if [ $5 ]; then if [ "$5" ]; then
sed -i "/127.0.0.1:${5}/d" /etc/tor/torrc sed -i "/127.0.0.1:${5}/d" /etc/tor/torrc
fi fi
fi fi
fi fi
if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name} ]; then if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}" ]; then
shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}/* shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}/*"
rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name} rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}"
fi fi
if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile ]; then if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile" ]; then
shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/* shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/*"
rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile"
fi fi
remove_completion_param "${onion_service_name} onion domain" remove_completion_param "${onion_service_name} onion domain"
onion_update onion_update
@ -114,8 +114,8 @@ function add_onion_service {
onion_service_port_to=$3 onion_service_port_to=$3
onion_stealth_name="$4" onion_stealth_name="$4"
if [ -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then if [ -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
echo $(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname) cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
USE_V2_ONION_ADDRESS= USE_V2_ONION_ADDRESS=
return return
fi fi
@ -143,20 +143,20 @@ function add_onion_service {
onion_update onion_update
function_check wait_for_onion_service function_check wait_for_onion_service
wait_for_onion_service ${onion_service_name} wait_for_onion_service "${onion_service_name}"
if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
ls -lh ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ls -lh "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
echo $"${onion_service_name} onion site hostname not found" echo $"${onion_service_name} onion site hostname not found"
exit 763624 exit 763624
fi fi
onion_address=$(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname) onion_address=$(cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname")
# Record the domain in the completion file # Record the domain in the completion file
set_completion_param "${onion_service_name} onion domain" "${onion_address}" set_completion_param "${onion_service_name} onion domain" "${onion_address}"
echo $onion_address echo "$onion_address"
} }
function set_default_onion_domains { function set_default_onion_domains {
@ -184,19 +184,19 @@ function create_avahi_onion_domains {
fi fi
if [ $GNUSOCIAL_DOMAIN_NAME ]; then if [ $GNUSOCIAL_DOMAIN_NAME ]; then
function_check create_avahi_service function_check create_avahi_service
create_avahi_service gnusocial http tcp $GNUSOCIAL_ONION_PORT create_avahi_service gnusocial http tcp "$GNUSOCIAL_ONION_PORT"
fi fi
if [ $HTMLY_DOMAIN_NAME ]; then if [ $HTMLY_DOMAIN_NAME ]; then
function_check create_avahi_service function_check create_avahi_service
create_avahi_service blog http tcp $HTMLY_ONION_PORT create_avahi_service blog http tcp "$HTMLY_ONION_PORT"
fi fi
if [ $GIT_DOMAIN_NAME ]; then if [ $GIT_DOMAIN_NAME ]; then
function_check create_avahi_service function_check create_avahi_service
create_avahi_service git http tcp $GIT_ONION_PORT create_avahi_service git http tcp "$GIT_ONION_PORT"
fi fi
if [ $DOKUWIKI_DOMAIN_NAME ]; then if [ $DOKUWIKI_DOMAIN_NAME ]; then
function_check create_avahi_service function_check create_avahi_service
create_avahi_service dokuwiki http tcp $DOKUWIKI_ONION_PORT create_avahi_service dokuwiki http tcp "$DOKUWIKI_ONION_PORT"
fi fi
} }
@ -204,16 +204,16 @@ function allow_ssh_to_onion_address {
if [[ $SYSTEM_TYPE == "mesh"* ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [ ! -d /home/$MY_USERNAME/.ssh ]; then if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
mkdir /home/$MY_USERNAME/.ssh mkdir "/home/$MY_USERNAME/.ssh"
fi fi
if [ ! -d /etc/tor ]; then if [ ! -d /etc/tor ]; then
echo $'Tor not found when updating ssh' echo $'Tor not found when updating ssh'
exit 528257 exit 528257
fi fi
if ! grep -q "onion" /home/$MY_USERNAME/.ssh/config; then if ! grep -q "onion" "/home/$MY_USERNAME/.ssh/config"; then
echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
fi fi
} }
@ -225,14 +225,14 @@ function enable_ssh_via_onion {
return return
fi fi
apt-get -yq install tor connect-proxy apt-get -yq install tor connect-proxy
if ! grep -q 'Host *.onion' /home/$MY_USERNAME/.ssh/config; then if ! grep -q 'Host *.onion' "/home/$MY_USERNAME/.ssh/config"; then
if [ ! -d /home/$MY_USERNAME/.ssh ]; then if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
mkdir /home/$MY_USERNAME/.ssh mkdir "/home/$MY_USERNAME/.ssh"
fi fi
echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh"
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh/config chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh/config"
fi fi
if ! grep -q 'Host *.onion' /root/.ssh/config; then if ! grep -q 'Host *.onion' /root/.ssh/config; then
if [ ! -d /root/.ssh ]; then if [ ! -d /root/.ssh ]; then
@ -259,7 +259,7 @@ function configure_ssh_onion {
return return
fi fi
SSH_ONION_HOSTNAME=$(add_onion_service ssh ${SSH_PORT} ${SSH_PORT}) SSH_ONION_HOSTNAME=$(add_onion_service ssh "${SSH_PORT}" "${SSH_PORT}")
if [[ "$SSH_ONION_HOSTNAME" != *'.onion' ]]; then if [[ "$SSH_ONION_HOSTNAME" != *'.onion' ]]; then
echo $'ssh onion site not generated' echo $'ssh onion site not generated'
exit 624128 exit 624128
@ -313,9 +313,9 @@ function resolve_dns_via_tor {
# resolve DNS via tor # resolve DNS via tor
if ! grep -q 'DNSPort 53' /etc/tor/torrc; then if ! grep -q 'DNSPort 53' /etc/tor/torrc; then
echo 'DNSPort 53' >> /etc/tor/torrc { echo 'DNSPort 53';
echo 'AutomapHostsOnResolve 1' >> /etc/tor/torrc echo 'AutomapHostsOnResolve 1';
echo 'AutomapHostsSuffixes .exit,.onion' >> /etc/tor/torrc echo 'AutomapHostsSuffixes .exit,.onion'; } >> /etc/tor/torrc
onion_update onion_update
fi fi
@ -361,8 +361,8 @@ function route_outgoing_traffic_through_tor {
# Allow clearnet access for hosts in $_non_tor # Allow clearnet access for hosts in $_non_tor
for _clearnet in $_non_tor; do for _clearnet in $_non_tor; do
iptables -t nat -A OUTPUT -d $_clearnet -j RETURN iptables -t nat -A OUTPUT -d "$_clearnet" -j RETURN
iptables -t nat -A PREROUTING -i $_int_if -d $_clearnet -j RETURN iptables -t nat -A PREROUTING -i $_int_if -d "$_clearnet" -j RETURN
done done
# Redirect all other pre-routing and output to Tor # Redirect all other pre-routing and output to Tor
@ -375,7 +375,7 @@ function route_outgoing_traffic_through_tor {
# Allow clearnet access for hosts in $_non_tor # Allow clearnet access for hosts in $_non_tor
for _clearnet in $_non_tor 127.0.0.0/8; do for _clearnet in $_non_tor 127.0.0.0/8; do
iptables -A OUTPUT -d $_clearnet -j ACCEPT iptables -A OUTPUT -d "$_clearnet" -j ACCEPT
done done
# Allow only Tor output # Allow only Tor output
@ -438,9 +438,9 @@ function get_app_onion_address {
if [ ${#mobilestr} -gt 0 ]; then if [ ${#mobilestr} -gt 0 ]; then
app_name="mobile${app_name}" app_name="mobile${app_name}"
fi fi
if grep -q "${app_name} onion domain" $COMPLETION_FILE; then if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
if grep -q "${app_name} onion domain" $COMPLETION_FILE; then if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
echo $(cat ${COMPLETION_FILE} | grep "${app_name} onion domain" | head -n 1 | awk -F ':' '{print $2}') grep "${app_name} onion domain" "${COMPLETION_FILE}" | head -n 1 | awk -F ':' '{print $2}'
return return
fi fi
fi fi
@ -521,7 +521,7 @@ function tor_remove_bridge {
function tor_create_bridge_relay { function tor_create_bridge_relay {
read_config_param 'TOR_BRIDGE_PORT' read_config_param 'TOR_BRIDGE_PORT'
read_config_param 'TOR_BRIDGE_NICKNAME' read_config_param 'TOR_BRIDGE_NICKNAME'
if [ ! $TOR_BRIDGE_PORT ]; then if [ ! "$TOR_BRIDGE_PORT" ]; then
return return
fi fi
if [ ${#TOR_BRIDGE_PORT} -eq 0 ]; then if [ ${#TOR_BRIDGE_PORT} -eq 0 ]; then
@ -548,11 +548,11 @@ function tor_create_bridge_relay {
read_config_param 'MY_EMAIL_ADDRESS' read_config_param 'MY_EMAIL_ADDRESS'
sed -i "s|#ContactInfo.*|ContactInfo $MY_EMAIL_ADDRESS|g" /etc/tor/torrc sed -i "s|#ContactInfo.*|ContactInfo $MY_EMAIL_ADDRESS|g" /etc/tor/torrc
if [ $TOR_BRIDGE_NICKNAME ]; then if [ "$TOR_BRIDGE_NICKNAME" ]; then
sed -i "s|#Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc sed -i "s|#Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
sed -i "s|Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc sed -i "s|Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
fi fi
firewall_add tor_bridge $TOR_BRIDGE_PORT tcp firewall_add tor_bridge "$TOR_BRIDGE_PORT" tcp
systemctl restart tor systemctl restart tor
} }
@ -573,7 +573,7 @@ function tor_remove_bridge_relay {
sed -i "s|Nickname |#Nickname |g" /etc/tor/torrc sed -i "s|Nickname |#Nickname |g" /etc/tor/torrc
fi fi
read_config_param 'TOR_BRIDGE_PORT' read_config_param 'TOR_BRIDGE_PORT'
firewall_remove $TOR_BRIDGE_PORT tcp firewall_remove "$TOR_BRIDGE_PORT" tcp
systemctl restart tor systemctl restart tor
} }