コード例 #1
def test_key_in_secret(fs, monkeypatch):
    """Key files under /run/secrets/<group> must determine the onion address.

    group1 and group3 each get a key file; group2 gets none, so its address
    must match neither of the supplied keys.
    """
    # Built in the same insertion order as a literal dict would give.
    fake_env = {
        f"GROUP{n}_TOR_SERVICE_HOSTS": f"80:service{n}:80" for n in (1, 2, 3)
    }
    fake_env["GROUP3_TOR_SERVICE_VERSION"] = "3"
    monkeypatch.setattr(os, "environ", fake_env)

    v2_key, v2_url = get_key_and_onion()
    v3_key, v3_url = get_key_and_onion(version=3)

    # The first key is written as returned; the v3 key is base64-decoded
    # first, so that secret file holds the decoded bytes.
    # NOTE(review): the fake filesystem does not show which mode/owner the
    # loader expects on these files - confirm against the deployment.
    secrets_dir = "/run/secrets"
    fs.create_file(f"{secrets_dir}/group1", contents=v2_key)
    fs.create_file(f"{secrets_dir}/group3", contents=b64decode(v3_key))

    onions = Onions()
    onions._get_setup_from_env()
    onions._load_keys_in_services()

    with_v2_key, without_key, with_v3_key = (
        onions.find_group_by_name(name)
        for name in ("group1", "group2", "group3")
    )

    assert with_v2_key.onion_url == v2_url
    # No secret file for group2: it must not reuse either supplied identity.
    assert without_key.onion_url not in (v2_url, v3_url)
    assert with_v3_key.onion_url == v3_url
コード例 #2
def test_key_v2(monkeypatch):
    """A v2 key given in GROUP1_TOR_SERVICE_KEY must yield its onion address.

    Runs twice: once with GROUP1_TOR_SERVICE_VERSION set to "2" and once
    without it, expecting the same address both times.
    """
    # Tor removed v2 onion services in the 0.4.6 series; this only covers the
    # legacy code path.
    private_key, expected_url = get_key_and_onion(version=2)
    hosts = "80:service1:80,81:service2:80"

    # The private key travels in an environment variable here, so it is
    # readable by anything that can inspect the process environment.
    explicit_version = {
        "GROUP1_TOR_SERVICE_HOSTS": hosts,
        "GROUP1_TOR_SERVICE_VERSION": "2",
        "GROUP1_TOR_SERVICE_KEY": private_key,
    }
    implicit_version = {
        "GROUP1_TOR_SERVICE_HOSTS": hosts,
        "GROUP1_TOR_SERVICE_KEY": private_key,
    }

    for fake_env in (explicit_version, implicit_version):
        monkeypatch.setattr(os, "environ", fake_env)

        onions = Onions()
        onions._get_setup_from_env()
        onions._load_keys_in_services()

        # os.environ is the patched dict, so this checks that loading added
        # or removed no variables.
        assert len(os.environ) == len(fake_env)
        assert len(onions.services) == 1

        only_group = onions.services[0]
        assert only_group.onion_url == expected_url
コード例 #3
def test_key_in_secret(fs, monkeypatch):
    """Check that per-group key files in /run/secrets set the onion address.

    Key files exist for group1 and group3 only. group2 has no key file and
    is expected to get an address different from both supplied keys.
    """
    fake_env = dict(
        GROUP1_TOR_SERVICE_HOSTS='80:service1:80',
        GROUP2_TOR_SERVICE_HOSTS='80:service2:80',
        GROUP3_TOR_SERVICE_HOSTS='80:service3:80',
        GROUP3_TOR_SERVICE_VERSION='3',
    )
    monkeypatch.setattr(os, 'environ', fake_env)

    default_key, default_url = get_key_and_onion()
    v3_key, v3_url = get_key_and_onion(version=3)

    # group1's file holds the key exactly as returned; group3's file holds
    # the base64-decoded form of the v3 key.
    secret_files = (
        ('/run/secrets/group1', default_key),
        ('/run/secrets/group3', b64decode(v3_key)),
    )
    for secret_path, key_material in secret_files:
        fs.create_file(secret_path, contents=key_material)

    onions = Onions()
    onions._get_setup_from_env()
    onions._load_keys_in_services()

    first = onions.find_group_by_name('group1')
    second = onions.find_group_by_name('group2')
    third = onions.find_group_by_name('group3')

    supplied_urls = (default_url, v3_url)

    assert first.onion_url == default_url
    # A group without a secret must not end up with a supplied identity.
    assert second.onion_url not in supplied_urls
    assert third.onion_url == v3_url
コード例 #4
def test_key_v3(monkeypatch):
    """A v3 key given in GROUP1_TOR_SERVICE_KEY must yield its onion address."""
    private_key, expected_url = get_key_and_onion(version=3)

    # The key is handed over in an environment variable, so it is visible to
    # anything able to read this process's environment.
    fake_env = dict(
        GROUP1_TOR_SERVICE_HOSTS='80:service1:80,81:service2:80',
        GROUP1_TOR_SERVICE_VERSION='3',
        GROUP1_TOR_SERVICE_KEY=private_key,
    )
    monkeypatch.setattr(os, 'environ', fake_env)

    onions = Onions()
    onions._get_setup_from_env()
    onions._load_keys_in_services()

    # os.environ is the patched dict: still exactly the three variables.
    assert len(os.environ) == 3
    assert len(onions.services) == 1

    only_group = onions.services[0]
    assert only_group.onion_url == expected_url
コード例 #5
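def test_configuration(fs, monkeypatch, tmpdir):
    """Render torrc from the environment, parse it back, then check ControlPort.

    Three phases share one function (see the fakefs remark further down):

    1. Build services from SERVICE*/GROUP* variables, call ``apply_conf()``
       and check the directives written to ``/etc/tor/torrc``.
    2. Re-read that file with ``torrc_parser()`` and compare groups, hosts,
       ports, versions and onion URLs with what was generated.
    3. Re-run with TOR_CONTROL_PORT set (TCP address plus password, then a
       unix socket) and check the resulting ControlPort lines.

    ``os.fchmod`` is replaced by a no-op, so the permissions applied to the
    generated hidden-service files are NOT verified by this test.
    """
    # These two directives put an onion service in non-anonymous single-hop
    # mode, which gives up server-side location hiding. Here they only prove
    # that TOR_EXTRA_OPTIONS is copied into torrc.
    extra_options = """
HiddenServiceNonAnonymousMode 1
HiddenServiceSingleHopMode 1
    """.strip()

    env = {
        "SERVICE1_SERVICE_NAME": "group1",
        "SERVICE2_SERVICE_NAME": "group1",
        "SERVICE3_SERVICE_NAME": "group2",
        "SERVICE1_PORTS": "80:80",
        "SERVICE2_PORTS": "81:80,82:8000",
        "SERVICE3_PORTS": "80:unix://unix.socket",
        "GROUP3_TOR_SERVICE_VERSION": "2",
        "GROUP3_TOR_SERVICE_HOSTS": "80:service4:888,81:service5:8080",
        "GROUP4_TOR_SERVICE_VERSION": "3",
        "GROUP4_TOR_SERVICE_HOSTS": "81:unix://unix2.sock",
        "GROUP3V3_TOR_SERVICE_VERSION": "3",
        "GROUP3V3_TOR_SERVICE_HOSTS": "80:service4:888,81:service5:8080",
        "SERVICE5_TOR_SERVICE_HOSTS": "80:service5:80",
        "TOR_EXTRA_OPTIONS": extra_options,
    }

    hidden_dir = "/var/lib/tor/hidden_service"

    monkeypatch.setattr(os, "environ", env)
    # fchmod is stubbed out; file modes are therefore outside this test.
    monkeypatch.setattr(os, "fchmod", lambda x, y: None)

    torrc_tpl = get_torrc_template()

    fs.create_file("/var/local/tor/torrc.tpl", contents=torrc_tpl)
    fs.create_file("/etc/tor/torrc")
    fs.create_dir(hidden_dir)

    onion = Onions()
    onion._get_setup_from_env()
    onion._load_keys_in_services()
    onion.apply_conf()

    # Collect the hostname written for each generated hidden-service dir.
    onions_urls = {}
    for group_dir in os.listdir(hidden_dir):
        with open(os.path.join(hidden_dir, group_dir, "hostname"), "r") as f:
            onions_urls[group_dir] = f.read().strip()

    with open("/etc/tor/torrc", "r") as f:
        torrc = f.read()

    print(torrc)
    assert "HiddenServiceDir /var/lib/tor/hidden_service/group1" in torrc
    assert "HiddenServicePort 80 service1:80" in torrc
    assert "HiddenServicePort 81 service2:80" in torrc
    assert "HiddenServicePort 82 service2:8000" in torrc
    assert "HiddenServiceDir /var/lib/tor/hidden_service/group2" in torrc
    assert "HiddenServicePort 80 unix://unix.socket" in torrc
    assert "HiddenServiceDir /var/lib/tor/hidden_service/group3" in torrc
    assert "HiddenServiceDir /var/lib/tor/hidden_service/group4" in torrc
    assert "HiddenServiceDir /var/lib/tor/hidden_service/group3v3" in torrc
    assert "HiddenServiceDir /var/lib/tor/hidden_service/service5" in torrc
    assert torrc.count("HiddenServicePort 80 service4:888") == 2
    assert torrc.count("HiddenServicePort 81 service5:8080") == 2
    assert torrc.count("HiddenServicePort 80 service5:80") == 1
    assert torrc.count("HiddenServicePort 81 unix://unix2.sock") == 1
    assert torrc.count("HiddenServiceVersion 3") == 2
    assert "HiddenServiceNonAnonymousMode 1\n" in torrc
    assert "HiddenServiceSingleHopMode 1\n" in torrc
    # Without TOR_CONTROL_PORT no control listener may appear in torrc.
    assert "ControlPort" not in torrc

    # Check parser
    onion2 = Onions()
    onion2.torrc_parser()

    def port_pairs(service):
        # (port_from, dest) pairs of one parsed service, as a set.
        return {(port.port_from, port.dest) for port in service.ports}

    assert len(onion2.services) == 6

    assert {group.name for group in onion2.services} == {
        "group1", "group2", "group3", "group4", "group3v3", "service5"
    }

    for group in onion2.services:
        hosts = {service.host for service in group.services}

        if group.name == "group1":
            assert len(group.services) == 2
            assert group.version == 2
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {"service1", "service2"}
            for service in group.services:
                if service.host == "service1":
                    assert len(service.ports) == 1
                    assert port_pairs(service) == {(80, 80)}
                if service.host == "service2":
                    assert len(service.ports) == 2
                    assert port_pairs(service) == {(81, 80), (82, 8000)}
        if group.name == "group2":
            assert len(group.services) == 1
            assert group.version == 2
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {"group2"}
            service = group.services[0]
            assert len(service.ports) == 1
            assert port_pairs(service) == {(80, "unix://unix.socket")}

        if group.name in ["group3", "group3v3"]:
            assert len(group.services) == 2
            # Parenthesised on purpose: without the parentheses the
            # conditional expression binds last and the group3v3 case
            # degenerates to `assert 3`, which can never fail.
            assert group.version == (2 if group.name == "group3" else 3)
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {"service4", "service5"}
            for service in group.services:
                if service.host == "service4":
                    assert len(service.ports) == 1
                    assert port_pairs(service) == {(80, 888)}
                if service.host == "service5":
                    assert len(service.ports) == 1
                    assert port_pairs(service) == {(81, 8080)}

        if group.name == "group4":
            assert len(group.services) == 1
            assert group.version == 3
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {"group4"}
            for service in group.services:
                assert service.host == "group4"
                assert len(service.ports) == 1
                assert port_pairs(service) == {(81, "unix://unix2.sock")}

        if group.name == "service5":
            assert len(group.services) == 1
            assert group.version == 2
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {"service5"}
            for service in group.services:
                assert service.host == "service5"
                assert len(service.ports) == 1
                assert port_pairs(service) == {(80, 80)}

    # bug with fakefs, test everything in the same function

    # Control port on a TCP address with a password. The control port gives
    # full control over the Tor process, so a TCP listener depends on the
    # HashedControlPassword line being present.
    env = {
        "TOR_CONTROL_PORT": "172.0.1.0:7867",
        "TOR_CONTROL_PASSWORD": "******",
    }

    def mock_hash(self, password):
        # Stand-in for the real hashing step: the assertion below only checks
        # that the stored value reaches torrc, not how it is derived.
        self.control_hashed_password = "******"

    monkeypatch.setattr(os, "environ", env)
    monkeypatch.setattr(Onions, "_hash_control_port_password", mock_hash)

    onion = Onions()
    onion._setup_control_port()
    onion.apply_conf()

    with open("/etc/tor/torrc", "r") as f:
        torrc = f.read()

    print(torrc)
    assert "ControlPort 172.0.1.0:7867" in torrc
    assert f"HashedControlPassword {onion.control_hashed_password}" in torrc

    # Control port on a unix socket, no password variable set.
    # NOTE(review): nothing here asserts that HashedControlPassword is absent
    # or that another authentication method is configured - confirm.
    env = {
        "TOR_CONTROL_PORT": "unix:/path/to.socket",
    }

    monkeypatch.setattr(os, "environ", env)

    # NOTE(review): the template is fetched again but not used in this phase.
    torrc_tpl = get_torrc_template()

    onion = Onions()
    onion._setup_control_port()
    onion.apply_conf()

    with open("/etc/tor/torrc", "r") as f:
        torrc = f.read()

    print(torrc)
    assert "ControlPort unix:/path/to.socket" in torrc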
コード例 #6
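def test_configuration(fs, monkeypatch, tmpdir):
    """Render torrc from the environment and parse it back.

    Builds services from SERVICE*/GROUP* variables, calls ``apply_conf()``
    and checks the directives written to ``/etc/tor/torrc``; then re-reads
    the file with ``torrc_parser()`` and compares groups, hosts, ports,
    versions and onion URLs with what was generated.

    ``os.fchmod`` is replaced by a no-op, so the permissions applied to the
    generated hidden-service files are NOT verified by this test.
    """
    env = {
        'SERVICE1_SERVICE_NAME': 'group1',
        'SERVICE2_SERVICE_NAME': 'group1',
        'SERVICE3_SERVICE_NAME': 'group2',
        'SERVICE1_PORTS': '80:80',
        'SERVICE2_PORTS': '81:80,82:8000',
        'SERVICE3_PORTS': '80:unix://unix.socket',
        'GROUP3_TOR_SERVICE_VERSION': '2',
        'GROUP3_TOR_SERVICE_HOSTS': '80:service4:888,81:service5:8080',
        'GROUP4_TOR_SERVICE_VERSION': '3',
        'GROUP4_TOR_SERVICE_HOSTS': '81:unix://unix2.sock',
        'GROUP3V3_TOR_SERVICE_VERSION': '3',
        'GROUP3V3_TOR_SERVICE_HOSTS': '80:service4:888,81:service5:8080',
        'SERVICE5_TOR_SERVICE_HOSTS': '80:service5:80'
    }

    hidden_dir = '/var/lib/tor/hidden_service'

    monkeypatch.setattr(os, 'environ', env)
    # fchmod is stubbed out; file modes are therefore outside this test.
    monkeypatch.setattr(os, 'fchmod', lambda x, y: None)

    torrc_tpl = get_torrc_template()

    fs.create_file('/var/local/tor/torrc.tpl', contents=torrc_tpl)
    fs.create_file('/etc/tor/torrc')
    fs.create_dir(hidden_dir)

    onion = Onions()
    onion._get_setup_from_env()
    onion._load_keys_in_services()
    onion.apply_conf()

    # Collect the hostname written for each generated hidden-service dir.
    onions_urls = {}
    for group_dir in os.listdir(hidden_dir):
        with open(os.path.join(hidden_dir, group_dir, 'hostname'), 'r') as f:
            onions_urls[group_dir] = f.read().strip()

    with open('/etc/tor/torrc', 'r') as f:
        torrc = f.read()

    print(torrc)
    assert 'HiddenServiceDir /var/lib/tor/hidden_service/group1' in torrc
    assert 'HiddenServicePort 80 service1:80' in torrc
    assert 'HiddenServicePort 81 service2:80' in torrc
    assert 'HiddenServicePort 82 service2:8000' in torrc
    assert 'HiddenServiceDir /var/lib/tor/hidden_service/group2' in torrc
    assert 'HiddenServicePort 80 unix://unix.socket' in torrc
    assert 'HiddenServiceDir /var/lib/tor/hidden_service/group3' in torrc
    assert 'HiddenServiceDir /var/lib/tor/hidden_service/group4' in torrc
    assert 'HiddenServiceDir /var/lib/tor/hidden_service/group3v3' in torrc
    assert 'HiddenServiceDir /var/lib/tor/hidden_service/service5' in torrc
    assert torrc.count('HiddenServicePort 80 service4:888') == 2
    assert torrc.count('HiddenServicePort 81 service5:8080') == 2
    assert torrc.count('HiddenServicePort 80 service5:80') == 1
    assert torrc.count('HiddenServicePort 81 unix://unix2.sock') == 1
    assert torrc.count('HiddenServiceVersion 3') == 2

    # Check parser
    onion2 = Onions()
    onion2.torrc_parser()

    def port_pairs(service):
        # (port_from, dest) pairs of one parsed service, as a set.
        return {(port.port_from, port.dest) for port in service.ports}

    assert len(onion2.services) == 6

    assert {group.name for group in onion2.services} == {
        'group1', 'group2', 'group3', 'group4', 'group3v3', 'service5'
    }

    for group in onion2.services:
        hosts = {service.host for service in group.services}

        if group.name == 'group1':
            assert len(group.services) == 2
            assert group.version == 2
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {'service1', 'service2'}
            for service in group.services:
                if service.host == 'service1':
                    assert len(service.ports) == 1
                    assert port_pairs(service) == {(80, 80)}
                if service.host == 'service2':
                    assert len(service.ports) == 2
                    assert port_pairs(service) == {(81, 80), (82, 8000)}
        if group.name == 'group2':
            assert len(group.services) == 1
            assert group.version == 2
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {'group2'}
            service = group.services[0]
            assert len(service.ports) == 1
            assert port_pairs(service) == {(80, 'unix://unix.socket')}

        if group.name in ['group3', 'group3v3']:
            assert len(group.services) == 2
            # Parenthesised on purpose: without the parentheses the
            # conditional expression binds last and the group3v3 case
            # degenerates to `assert 3`, which can never fail.
            assert group.version == (2 if group.name == 'group3' else 3)
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {'service4', 'service5'}
            for service in group.services:
                if service.host == 'service4':
                    assert len(service.ports) == 1
                    assert port_pairs(service) == {(80, 888)}
                if service.host == 'service5':
                    assert len(service.ports) == 1
                    assert port_pairs(service) == {(81, 8080)}

        if group.name == 'group4':
            assert len(group.services) == 1
            assert group.version == 3
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {'group4'}
            for service in group.services:
                assert service.host == 'group4'
                assert len(service.ports) == 1
                assert port_pairs(service) == {(81, 'unix://unix2.sock')}

        if group.name == 'service5':
            assert len(group.services) == 1
            assert group.version == 2
            assert group.onion_url == onions_urls[group.name]
            assert hosts == {'service5'}
            for service in group.services:
                assert service.host == 'service5'
                assert len(service.ports) == 1
                assert port_pairs(service) == {(80, 80)}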