Fix static analysis failures
This commit is contained in:
Bob Mottram
parent
65ded7b2eb
commit
9a6aee1de7
|
|
@ -36,9 +36,9 @@ HIDDEN_SERVICE_PATH='/var/lib/tor/hidden_service_'
|
|||
|
||||
function add_email_hostname {
|
||||
extra_email_hostname="$1"
|
||||
email_hostnames=$(cat /etc/exim4/update-exim4.conf.conf | grep "dc_other_hostnames" | awk -F "'" '{print $2}')
|
||||
email_hostnames=$(grep "dc_other_hostnames" /etc/exim4/update-exim4.conf.conf | awk -F "'" '{print $2}')
|
||||
if [[ "$email_hostnames" != *"$extra_email_hostname"* ]]; then
|
||||
sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$emailhostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf
|
||||
sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$email_hostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf
|
||||
update-exim4.conf
|
||||
dpkg-reconfigure --frontend noninteractive exim4-config
|
||||
systemctl restart saslauthd
|
||||
|
|
@ -54,7 +54,7 @@ function wait_for_onion_service_base {
|
|||
onion_service_name="$1"
|
||||
|
||||
sleep_ctr=0
|
||||
while [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; do
|
||||
while [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; do
|
||||
sleep 1
|
||||
sleep_ctr=$((sleep_ctr + 1))
|
||||
if [ $sleep_ctr -gt 10 ]; then
|
||||
|
|
@ -66,12 +66,12 @@ function wait_for_onion_service_base {
|
|||
function wait_for_onion_service {
|
||||
onion_service_name="$1"
|
||||
|
||||
wait_for_onion_service_base ${onion_service_name}
|
||||
wait_for_onion_service_base "${onion_service_name}"
|
||||
|
||||
if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
|
||||
if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
|
||||
# try a second time
|
||||
onion_update
|
||||
wait_for_onion_service_base ${onion_service_name}
|
||||
wait_for_onion_service_base "${onion_service_name}"
|
||||
fi
|
||||
sync
|
||||
}
|
||||
|
|
@ -87,22 +87,22 @@ function remove_onion_service {
|
|||
sed -i "/hidden_service_${onion_service_name}/,+1 d" /etc/tor/torrc
|
||||
sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" /etc/tor/torrc
|
||||
sed -i "/127.0.0.1:${onion_service_port_to}/d" /etc/tor/torrc
|
||||
if [ $3 ]; then
|
||||
if [ "$3" ]; then
|
||||
sed -i "/127.0.0.1:${3}/d" /etc/tor/torrc
|
||||
if [ $4 ]; then
|
||||
if [ "$4" ]; then
|
||||
sed -i "/127.0.0.1:${4}/d" /etc/tor/torrc
|
||||
if [ $5 ]; then
|
||||
if [ "$5" ]; then
|
||||
sed -i "/127.0.0.1:${5}/d" /etc/tor/torrc
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name} ]; then
|
||||
shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}/*
|
||||
rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name}
|
||||
if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}" ]; then
|
||||
shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}/*"
|
||||
rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}"
|
||||
fi
|
||||
if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile ]; then
|
||||
shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/*
|
||||
rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile
|
||||
if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile" ]; then
|
||||
shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/*"
|
||||
rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile"
|
||||
fi
|
||||
remove_completion_param "${onion_service_name} onion domain"
|
||||
onion_update
|
||||
|
|
@ -114,8 +114,8 @@ function add_onion_service {
|
|||
onion_service_port_to=$3
|
||||
onion_stealth_name="$4"
|
||||
|
||||
if [ -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
|
||||
echo $(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname)
|
||||
if [ -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
|
||||
cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
|
||||
USE_V2_ONION_ADDRESS=
|
||||
return
|
||||
fi
|
||||
|
|
@ -143,20 +143,20 @@ function add_onion_service {
|
|||
onion_update
|
||||
|
||||
function_check wait_for_onion_service
|
||||
wait_for_onion_service ${onion_service_name}
|
||||
wait_for_onion_service "${onion_service_name}"
|
||||
|
||||
if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
|
||||
ls -lh ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname
|
||||
if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
|
||||
ls -lh "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
|
||||
echo $"${onion_service_name} onion site hostname not found"
|
||||
exit 763624
|
||||
fi
|
||||
|
||||
onion_address=$(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname)
|
||||
onion_address=$(cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname")
|
||||
|
||||
# Record the domain in the completion file
|
||||
set_completion_param "${onion_service_name} onion domain" "${onion_address}"
|
||||
|
||||
echo $onion_address
|
||||
echo "$onion_address"
|
||||
}
|
||||
|
||||
function set_default_onion_domains {
|
||||
|
|
@ -184,19 +184,19 @@ function create_avahi_onion_domains {
|
|||
fi
|
||||
if [ $GNUSOCIAL_DOMAIN_NAME ]; then
|
||||
function_check create_avahi_service
|
||||
create_avahi_service gnusocial http tcp $GNUSOCIAL_ONION_PORT
|
||||
create_avahi_service gnusocial http tcp "$GNUSOCIAL_ONION_PORT"
|
||||
fi
|
||||
if [ $HTMLY_DOMAIN_NAME ]; then
|
||||
function_check create_avahi_service
|
||||
create_avahi_service blog http tcp $HTMLY_ONION_PORT
|
||||
create_avahi_service blog http tcp "$HTMLY_ONION_PORT"
|
||||
fi
|
||||
if [ $GIT_DOMAIN_NAME ]; then
|
||||
function_check create_avahi_service
|
||||
create_avahi_service git http tcp $GIT_ONION_PORT
|
||||
create_avahi_service git http tcp "$GIT_ONION_PORT"
|
||||
fi
|
||||
if [ $DOKUWIKI_DOMAIN_NAME ]; then
|
||||
function_check create_avahi_service
|
||||
create_avahi_service dokuwiki http tcp $DOKUWIKI_ONION_PORT
|
||||
create_avahi_service dokuwiki http tcp "$DOKUWIKI_ONION_PORT"
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
@ -204,16 +204,16 @@ function allow_ssh_to_onion_address {
|
|||
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
|
||||
return
|
||||
fi
|
||||
if [ ! -d /home/$MY_USERNAME/.ssh ]; then
|
||||
mkdir /home/$MY_USERNAME/.ssh
|
||||
if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
|
||||
mkdir "/home/$MY_USERNAME/.ssh"
|
||||
fi
|
||||
if [ ! -d /etc/tor ]; then
|
||||
echo $'Tor not found when updating ssh'
|
||||
exit 528257
|
||||
fi
|
||||
if ! grep -q "onion" /home/$MY_USERNAME/.ssh/config; then
|
||||
echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config
|
||||
echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config
|
||||
if ! grep -q "onion" "/home/$MY_USERNAME/.ssh/config"; then
|
||||
echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
|
||||
echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
@ -225,14 +225,14 @@ function enable_ssh_via_onion {
|
|||
return
|
||||
fi
|
||||
apt-get -yq install tor connect-proxy
|
||||
if ! grep -q 'Host *.onion' /home/$MY_USERNAME/.ssh/config; then
|
||||
if [ ! -d /home/$MY_USERNAME/.ssh ]; then
|
||||
mkdir /home/$MY_USERNAME/.ssh
|
||||
if ! grep -q 'Host *.onion' "/home/$MY_USERNAME/.ssh/config"; then
|
||||
if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
|
||||
mkdir "/home/$MY_USERNAME/.ssh"
|
||||
fi
|
||||
echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config
|
||||
echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config
|
||||
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
|
||||
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh/config
|
||||
echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
|
||||
echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
|
||||
chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh"
|
||||
chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh/config"
|
||||
fi
|
||||
if ! grep -q 'Host *.onion' /root/.ssh/config; then
|
||||
if [ ! -d /root/.ssh ]; then
|
||||
|
|
@ -259,7 +259,7 @@ function configure_ssh_onion {
|
|||
return
|
||||
fi
|
||||
|
||||
SSH_ONION_HOSTNAME=$(add_onion_service ssh ${SSH_PORT} ${SSH_PORT})
|
||||
SSH_ONION_HOSTNAME=$(add_onion_service ssh "${SSH_PORT}" "${SSH_PORT}")
|
||||
if [[ "$SSH_ONION_HOSTNAME" != *'.onion' ]]; then
|
||||
echo $'ssh onion site not generated'
|
||||
exit 624128
|
||||
|
|
@ -313,9 +313,9 @@ function resolve_dns_via_tor {
|
|||
|
||||
# resolve DNS via tor
|
||||
if ! grep -q 'DNSPort 53' /etc/tor/torrc; then
|
||||
echo 'DNSPort 53' >> /etc/tor/torrc
|
||||
echo 'AutomapHostsOnResolve 1' >> /etc/tor/torrc
|
||||
echo 'AutomapHostsSuffixes .exit,.onion' >> /etc/tor/torrc
|
||||
{ echo 'DNSPort 53';
|
||||
echo 'AutomapHostsOnResolve 1';
|
||||
echo 'AutomapHostsSuffixes .exit,.onion'; } >> /etc/tor/torrc
|
||||
onion_update
|
||||
fi
|
||||
|
||||
|
|
@ -361,8 +361,8 @@ function route_outgoing_traffic_through_tor {
|
|||
|
||||
# Allow clearnet access for hosts in $_non_tor
|
||||
for _clearnet in $_non_tor; do
|
||||
iptables -t nat -A OUTPUT -d $_clearnet -j RETURN
|
||||
iptables -t nat -A PREROUTING -i $_int_if -d $_clearnet -j RETURN
|
||||
iptables -t nat -A OUTPUT -d "$_clearnet" -j RETURN
|
||||
iptables -t nat -A PREROUTING -i $_int_if -d "$_clearnet" -j RETURN
|
||||
done
|
||||
|
||||
# Redirect all other pre-routing and output to Tor
|
||||
|
|
@ -375,7 +375,7 @@ function route_outgoing_traffic_through_tor {
|
|||
|
||||
# Allow clearnet access for hosts in $_non_tor
|
||||
for _clearnet in $_non_tor 127.0.0.0/8; do
|
||||
iptables -A OUTPUT -d $_clearnet -j ACCEPT
|
||||
iptables -A OUTPUT -d "$_clearnet" -j ACCEPT
|
||||
done
|
||||
|
||||
# Allow only Tor output
|
||||
|
|
@ -438,9 +438,9 @@ function get_app_onion_address {
|
|||
if [ ${#mobilestr} -gt 0 ]; then
|
||||
app_name="mobile${app_name}"
|
||||
fi
|
||||
if grep -q "${app_name} onion domain" $COMPLETION_FILE; then
|
||||
if grep -q "${app_name} onion domain" $COMPLETION_FILE; then
|
||||
echo $(cat ${COMPLETION_FILE} | grep "${app_name} onion domain" | head -n 1 | awk -F ':' '{print $2}')
|
||||
if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
|
||||
if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
|
||||
grep "${app_name} onion domain" "${COMPLETION_FILE}" | head -n 1 | awk -F ':' '{print $2}'
|
||||
return
|
||||
fi
|
||||
fi
|
||||
|
|
@ -521,7 +521,7 @@ function tor_remove_bridge {
|
|||
function tor_create_bridge_relay {
|
||||
read_config_param 'TOR_BRIDGE_PORT'
|
||||
read_config_param 'TOR_BRIDGE_NICKNAME'
|
||||
if [ ! $TOR_BRIDGE_PORT ]; then
|
||||
if [ ! "$TOR_BRIDGE_PORT" ]; then
|
||||
return
|
||||
fi
|
||||
if [ ${#TOR_BRIDGE_PORT} -eq 0 ]; then
|
||||
|
|
@ -548,11 +548,11 @@ function tor_create_bridge_relay {
|
|||
read_config_param 'MY_EMAIL_ADDRESS'
|
||||
|
||||
sed -i "s|#ContactInfo.*|ContactInfo $MY_EMAIL_ADDRESS|g" /etc/tor/torrc
|
||||
if [ $TOR_BRIDGE_NICKNAME ]; then
|
||||
if [ "$TOR_BRIDGE_NICKNAME" ]; then
|
||||
sed -i "s|#Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
|
||||
sed -i "s|Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
|
||||
fi
|
||||
firewall_add tor_bridge $TOR_BRIDGE_PORT tcp
|
||||
firewall_add tor_bridge "$TOR_BRIDGE_PORT" tcp
|
||||
systemctl restart tor
|
||||
}
|
||||
|
||||
|
|
@ -573,7 +573,7 @@ function tor_remove_bridge_relay {
|
|||
sed -i "s|Nickname |#Nickname |g" /etc/tor/torrc
|
||||
fi
|
||||
read_config_param 'TOR_BRIDGE_PORT'
|
||||
firewall_remove $TOR_BRIDGE_PORT tcp
|
||||
firewall_remove "$TOR_BRIDGE_PORT" tcp
|
||||
systemctl restart tor
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue