Tor password authentication (#746)
Added password authentication for tor control port. For user configuration of access to tor control port. This file should be heavily restricted in file system. Co-authored-by: MadcowOG <madcowog@Arch-Main.localdomain>main
parent
dc03022e27
commit
c9ee9dcc8b
|
@ -337,12 +337,14 @@ There are a few optional environment variables available for customizing a Whoog
|
||||||
| WHOOGLE_ALT_RD | The reddit.com alternative to use when site alternatives are enabled in the config. |
|
| WHOOGLE_ALT_RD | The reddit.com alternative to use when site alternatives are enabled in the config. |
|
||||||
| WHOOGLE_ALT_TL | The Google Translate alternative to use. This is used for all "translate ____" searches. |
|
| WHOOGLE_ALT_TL | The Google Translate alternative to use. This is used for all "translate ____" searches. |
|
||||||
| WHOOGLE_ALT_MD | The medium.com alternative to use when site alternatives are enabled in the config. |
|
| WHOOGLE_ALT_MD | The medium.com alternative to use when site alternatives are enabled in the config. |
|
||||||
| WHOOGLE_ALT_IMG | The imgur.com alternative to use when site alternatives are enabled in the config. |
|
| WHOOGLE_ALT_IMG | The imgur.com alternative to use when site alternatives are enabled in the config. |
|
||||||
| WHOOGLE_ALT_WIKI | The wikipedia.com alternative to use when site alternatives are enabled in the config. |
|
| WHOOGLE_ALT_WIKI | The wikipedia.com alternative to use when site alternatives are enabled in the config. |
|
||||||
| WHOOGLE_AUTOCOMPLETE | Controls visibility of autocomplete/search suggestions. Default on -- use '0' to disable |
|
| WHOOGLE_AUTOCOMPLETE | Controls visibility of autocomplete/search suggestions. Default on -- use '0' to disable |
|
||||||
| WHOOGLE_MINIMAL | Remove everything except basic result cards from all search queries. |
|
| WHOOGLE_MINIMAL | Remove everything except basic result cards from all search queries. |
|
||||||
| WHOOGLE_CSP | Sets a default set of 'Content-Security-Policy' headers |
|
| WHOOGLE_CSP | Sets a default set of 'Content-Security-Policy' headers |
|
||||||
| WHOOGLE_RESULTS_PER_PAGE | Set the number of results per page |
|
| WHOOGLE_RESULTS_PER_PAGE | Set the number of results per page |
|
||||||
|
| WHOOGLE_TOR_USE_PASS | Use password authentication for tor control port. |
|
||||||
|
| WHOOGLE_TOR_CONF | The absolute path to the config file containing the password for the tor control port. Default: ./misc/tor/control.conf WHOOGLE_TOR_PASS must be 1 for this to work.|
|
||||||
|
|
||||||
### Config Environment Variables
|
### Config Environment Variables
|
||||||
These environment variables allow setting default config values, but can be overwritten manually by using the home page config menu. These allow a shortcut for destroying/rebuilding an instance to the same config state every time.
|
These environment variables allow setting default config values, but can be overwritten manually by using the home page config menu. These allow a shortcut for destroying/rebuilding an instance to the same config state every time.
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
from app.models.config import Config
|
from app.models.config import Config
|
||||||
|
from app.utils.misc import read_config_bool
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
from defusedxml import ElementTree as ET
|
from defusedxml import ElementTree as ET
|
||||||
import random
|
import random
|
||||||
|
@ -8,6 +9,7 @@ import urllib.parse as urlparse
|
||||||
import os
|
import os
|
||||||
from stem import Signal, SocketError
|
from stem import Signal, SocketError
|
||||||
from stem.control import Controller
|
from stem.control import Controller
|
||||||
|
from stem.connection import authenticate_cookie, authenticate_password
|
||||||
|
|
||||||
MAPS_URL = 'https://maps.google.com/maps'
|
MAPS_URL = 'https://maps.google.com/maps'
|
||||||
AUTOCOMPLETE_URL = ('https://suggestqueries.google.com/'
|
AUTOCOMPLETE_URL = ('https://suggestqueries.google.com/'
|
||||||
|
@ -37,9 +39,27 @@ class TorError(Exception):
|
||||||
|
|
||||||
|
|
||||||
def send_tor_signal(signal: Signal) -> bool:
|
def send_tor_signal(signal: Signal) -> bool:
|
||||||
|
use_pass = read_config_bool('WHOOGLE_TOR_USE_PASS')
|
||||||
|
|
||||||
|
confloc = './misc/tor/control.conf'
|
||||||
|
# Check that the custom location of conf is real.
|
||||||
|
temp = os.getenv('WHOOGLE_TOR_CONF', '')
|
||||||
|
if os.path.isfile(temp):
|
||||||
|
confloc = temp
|
||||||
|
|
||||||
|
# Attempt to authenticate and send signal.
|
||||||
try:
|
try:
|
||||||
with Controller.from_port(port=9051) as c:
|
with Controller.from_port(port=9051) as c:
|
||||||
c.authenticate()
|
if use_pass:
|
||||||
|
with open(confloc, "r") as conf:
|
||||||
|
# Scan for the last line of the file.
|
||||||
|
for line in conf:
|
||||||
|
pass
|
||||||
|
secret = line
|
||||||
|
authenticate_password(c, password=secret)
|
||||||
|
else:
|
||||||
|
cookie_path = '/var/lib/tor/control_auth_cookie'
|
||||||
|
authenticate_cookie(c, cookie_path=cookie_path)
|
||||||
c.signal(signal)
|
c.signal(signal)
|
||||||
os.environ['TOR_AVAILABLE'] = '1'
|
os.environ['TOR_AVAILABLE'] = '1'
|
||||||
return True
|
return True
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
import argparse
|
import argparse
|
||||||
import base64
|
import base64
|
||||||
import io
|
import io
|
||||||
import os
|
|
||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
import pickle
|
import pickle
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
# Place password here. Keep this safe.
|
Loading…
Reference in New Issue