|
|
|
|
@ -207,7 +207,7 @@ def lYamlGoodNodes(sFile='/etc/tor/torrc-goodnodes.yaml'):
|
|
|
|
|
with open(sFile, 'rt') as oFd:
|
|
|
|
|
o = yaml.safe_load(oFd)
|
|
|
|
|
oGOOD_NODES = o
|
|
|
|
|
if 'GuardNodes' in o[root].keys():
|
|
|
|
|
if 'GuardNodes' in o[oGOOD_ROOT].keys():
|
|
|
|
|
l += o[oGOOD_ROOT]['GuardNodes']
|
|
|
|
|
# yq '.Nodes.IntroductionPoints|.[]' < /etc/tor/torrc-goodnodes.yaml
|
|
|
|
|
return l
|
|
|
|
|
@ -453,22 +453,22 @@ def oMainArgparser(_=None):
|
|
|
|
|
help='proxy download connect timeout')
|
|
|
|
|
|
|
|
|
|
parser.add_argument('--good_nodes', type=str,
|
|
|
|
|
default=os.path.join(ETC_DIR, '/torrc-goodnodes.yaml'),
|
|
|
|
|
default=os.path.join(ETC_DIR, 'torrc-goodnodes.yaml'),
|
|
|
|
|
help="Yaml file of good nodes that should not be excluded")
|
|
|
|
|
parser.add_argument('--bad_nodes', type=str,
|
|
|
|
|
default=os.path.join(ETC_DIR, '/torrc-badnodes.yaml'),
|
|
|
|
|
default=os.path.join(ETC_DIR, 'torrc-badnodes.yaml'),
|
|
|
|
|
help="Yaml file of bad nodes that should also be excluded")
|
|
|
|
|
parser.add_argument('--contact', type=str, default='Empty,NoEmail',
|
|
|
|
|
help="comma sep list of conditions - Empty,NoEmail")
|
|
|
|
|
parser.add_argument('--bad_contacts', type=str,
|
|
|
|
|
default='/tmp/badcontacts.yaml',
|
|
|
|
|
default=os.path.join(ETC_DIR, 'badcontacts.yaml'),
|
|
|
|
|
help="Yaml file of bad contacts that bad FPs are using")
|
|
|
|
|
parser.add_argument('--wait_boot', type=int, default=120,
|
|
|
|
|
help="Seconds to wait for Tor to booststrap")
|
|
|
|
|
parser.add_argument('--log_level', type=int, default=20,
|
|
|
|
|
help="10=debug 20=info 30=warn 40=error")
|
|
|
|
|
parser.add_argument('--bad_sections', type=str,
|
|
|
|
|
default='Hetzner,BadExit',
|
|
|
|
|
default='MyBadExit',
|
|
|
|
|
help="sections of the badnodes.yaml to use, comma separated, '' BROKEN")
|
|
|
|
|
parser.add_argument('--white_onions', type=str,
|
|
|
|
|
default='',
|
|
|
|
|
@ -479,8 +479,7 @@ def oMainArgparser(_=None):
|
|
|
|
|
help="Write the proof data of the included nodes to a YAML file")
|
|
|
|
|
return parser
|
|
|
|
|
|
|
|
|
|
def vwrite_badnodes(oArgs):
|
|
|
|
|
global oBAD_NODES
|
|
|
|
|
def vwrite_badnodes(oArgs, oBAD_NODES):
|
|
|
|
|
if oArgs.bad_nodes:
|
|
|
|
|
tmp = oArgs.bad_nodes +'.tmp'
|
|
|
|
|
bak = oArgs.bad_nodes +'.bak'
|
|
|
|
|
@ -492,8 +491,7 @@ def vwrite_badnodes(oArgs):
|
|
|
|
|
os.rename(oArgs.bad_nodes, bak)
|
|
|
|
|
os.rename(tmp, oArgs.bad_nodes)
|
|
|
|
|
|
|
|
|
|
def vwrite_goodnodes(oArgs):
|
|
|
|
|
global oGOOD_NODES
|
|
|
|
|
def vwrite_goodnodes(oArgs, oGOOD_NODES):
|
|
|
|
|
if oArgs.good_nodes:
|
|
|
|
|
tmp = oArgs.good_nodes +'.tmp'
|
|
|
|
|
bak = oArgs.good_nodes +'.bak'
|
|
|
|
|
@ -580,7 +578,7 @@ def iMain(lArgs):
|
|
|
|
|
|
|
|
|
|
relays = controller.get_server_descriptors()
|
|
|
|
|
|
|
|
|
|
lProofGoodFps = []
|
|
|
|
|
tProofGoodFps = set()
|
|
|
|
|
iDnsContact = 0
|
|
|
|
|
lBadContactUrls = []
|
|
|
|
|
iFakeContact = 0
|
|
|
|
|
@ -595,7 +593,7 @@ def iMain(lArgs):
|
|
|
|
|
continue
|
|
|
|
|
relay.fingerprint = relay.fingerprint.upper()
|
|
|
|
|
|
|
|
|
|
sofar = f"G:{len(list(aProofUri.keys()))} U:{iDnsContact} F:{iFakeContact} BF:{len(exit_excludelist)} GF:{len(lProofGoodFps)} #{iR}"
|
|
|
|
|
sofar = f"G:{len(list(aProofUri.keys()))} U:{iDnsContact} F:{iFakeContact} BF:{len(exit_excludelist)} GF:{len(tProofGoodFps)} #{iR}"
|
|
|
|
|
if not relay.exit_policy.is_exiting_allowed():
|
|
|
|
|
if sEXCLUDE_EXIT_KEY == 'ExcludeNodes':
|
|
|
|
|
LOG.debug(f"{relay.fingerprint} not an exit {sofar}")
|
|
|
|
|
@ -603,14 +601,14 @@ def iMain(lArgs):
|
|
|
|
|
LOG.warn(f"{relay.fingerprint} not an exit {sofar}")
|
|
|
|
|
# continue
|
|
|
|
|
|
|
|
|
|
if relay.fingerprint in lProofGoodFps:
|
|
|
|
|
if relay.fingerprint in tProofGoodFps:
|
|
|
|
|
# we already have it.
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
if relay.fingerprint in aTRUST_DB:
|
|
|
|
|
if aTRUST_DB[relay.fingerprint]['fps'] and \
|
|
|
|
|
relay.fingerprint in aTRUST_DB[relay.fingerprint]['fps']:
|
|
|
|
|
lProofGoodFps += relay.fingerprint
|
|
|
|
|
tProofGoodFps.add(relay.fingerprint)
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
if relay.contact and b'dns-rsa' in relay.contact.lower():
|
|
|
|
|
@ -676,7 +674,7 @@ def iMain(lArgs):
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
# great contact had good fps and we are in them
|
|
|
|
|
lProofGoodFps += b['fps']
|
|
|
|
|
tProofGoodFps.union(b['fps'])
|
|
|
|
|
if relay.fingerprint in aProofUri.keys():
|
|
|
|
|
# a cached entry
|
|
|
|
|
continue
|
|
|
|
|
@ -710,7 +708,7 @@ def iMain(lArgs):
|
|
|
|
|
if oArgs.torrc_output and exit_excludelist:
|
|
|
|
|
with open(oArgs.torrc_output, 'wt') as oFTorrc:
|
|
|
|
|
oFTorrc.write(f"{sEXCLUDE_EXIT_KEY} {','.join(exit_excludelist)}\n")
|
|
|
|
|
oFTorrc.write(f"{sINCLUDE_EXIT_KEY} {','.join(lProofGoodFps)}\n")
|
|
|
|
|
oFTorrc.write(f"{sINCLUDE_EXIT_KEY} {','.join(tProofGoodFps)}\n")
|
|
|
|
|
oFTorrc.write(f"{sINCLUDE_GUARD_KEY} {','.join(o[oGOOD_ROOT]['GuardNodes'])}\n")
|
|
|
|
|
LOG.info(f"Wrote tor configuration to {oArgs.torrc_output}")
|
|
|
|
|
oFTorrc.close()
|
|
|
|
|
@ -722,14 +720,14 @@ def iMain(lArgs):
|
|
|
|
|
oFYaml.close()
|
|
|
|
|
|
|
|
|
|
global oBAD_NODES
|
|
|
|
|
oBAD_NODES['BadNodes']['ExcludeNodes']['BadExit'] = exit_excludelist
|
|
|
|
|
oBAD_NODES[oBAD_ROOT]['ExcludeNodes']['BadExit'] = exit_excludelist
|
|
|
|
|
global lKNOWN_NODNS
|
|
|
|
|
o[oBAD_ROOT]['ExcludeDomains'] = lKNOWN_NODNS
|
|
|
|
|
vwrite_badnodes(oArgs)
|
|
|
|
|
oBAD_NODES[oBAD_ROOT]['ExcludeDomains'] = lKNOWN_NODNS
|
|
|
|
|
vwrite_badnodes(oArgs, oBAD_NODES)
|
|
|
|
|
|
|
|
|
|
global oGOOD_NODES
|
|
|
|
|
oGOOD_NODES['GoodNodes']['Relays']['ExitNodes'] = lProofGoodFps
|
|
|
|
|
vwrite_goodnodes(oArgs)
|
|
|
|
|
oGOOD_NODES['GoodNodes']['Relays']['ExitNodes'] = tProofGoodFps
|
|
|
|
|
vwrite_goodnodes(oArgs, oGOOD_NODES)
|
|
|
|
|
|
|
|
|
|
retval = 0
|
|
|
|
|
try:
|
|
|
|
|
@ -744,9 +742,9 @@ def iMain(lArgs):
|
|
|
|
|
retval += 1
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
if lProofGoodFps:
|
|
|
|
|
LOG.info(f"{sINCLUDE_EXIT_KEY} {len(lProofGoodFps)} good nodes")
|
|
|
|
|
controller.set_conf(sINCLUDE_EXIT_KEY, lProofGoodFps)
|
|
|
|
|
if tProofGoodFps:
|
|
|
|
|
LOG.info(f"{sINCLUDE_EXIT_KEY} {len(tProofGoodFps)} good nodes")
|
|
|
|
|
controller.set_conf(sINCLUDE_EXIT_KEY, tProofGoodFps)
|
|
|
|
|
except stem.SocketClosed as e:
|
|
|
|
|
LOG.error(f"Failed setting {sINCLUDE_EXIT_KEY} good exit nodes in Tor")
|
|
|
|
|
retval += 1
|
|
|
|
|
@ -765,8 +763,6 @@ def iMain(lArgs):
|
|
|
|
|
except InvalidRequest as e:
|
|
|
|
|
# Unacceptable option value: Invalid router list.
|
|
|
|
|
LOG.error(str(e))
|
|
|
|
|
LOG.warn(f"lProofGoodFps: {lProofGoodFps}")
|
|
|
|
|
LOG.warn(f"{sEXCLUDE_EXIT_KEY}: {exit_excludelist}")
|
|
|
|
|
retval = 1
|
|
|
|
|
return retval
|
|
|
|
|
except KeyboardInterrupt:
|
|
|
|
|
|
emdee
1 year ago