/**
* Publishes a hidden service
*
* @param hiddenServicePort The port that the hidden service will accept connections on
* @param localPort The local port that the hidden service will relay connections to
* @return The hidden service's onion address in the form X.onion.
* @throws java.io.IOException - File errors
*/
public synchronized String publishHiddenService(int hiddenServicePort, int localPort)
throws IOException {
if (controlConnection == null) {
throw new RuntimeException("Service is not running.");
}
List<ConfigEntry> currentHiddenServices = controlConnection.getConf("HiddenServiceOptions");
if ((currentHiddenServices.size() == 1
&& currentHiddenServices.get(0).key.compareTo("HiddenServiceOptions") == 0
&& currentHiddenServices.get(0).value.compareTo("") == 0)
== false) {
throw new RuntimeException(
"Sorry, only one hidden service to a customer and we already have one. Please send complaints to https://github.com/thaliproject/Tor_Onion_Proxy_Library/issues/5 with your scenario so we can justify fixing this.");
}
LOG.info("Creating hidden service");
File hostnameFile = onionProxyContext.getHostNameFile();
if (hostnameFile.getParentFile().exists() == false
&& hostnameFile.getParentFile().mkdirs() == false) {
throw new RuntimeException("Could not create hostnameFile parent directory");
}
if (hostnameFile.exists() == false && hostnameFile.createNewFile() == false) {
throw new RuntimeException("Could not create hostnameFile");
}
// Watch for the hostname file being created/updated
WriteObserver hostNameFileObserver = onionProxyContext.generateWriteObserver(hostnameFile);
// Use the control connection to update the Tor config
List<String> config =
Arrays.asList(
"HiddenServiceDir " + hostnameFile.getParentFile().getAbsolutePath(),
"HiddenServicePort " + hiddenServicePort + " 127.0.0.1:" + localPort);
controlConnection.setConf(config);
controlConnection.saveConf();
// Wait for the hostname file to be created/updated
if (!hostNameFileObserver.poll(HOSTNAME_TIMEOUT, MILLISECONDS)) {
FileUtilities.listFilesToLog(hostnameFile.getParentFile());
throw new RuntimeException("Wait for hidden service hostname file to be created expired.");
}
// Publish the hidden service's onion hostname in transport properties
String hostname = new String(FileUtilities.read(hostnameFile), "UTF-8").trim();
LOG.info("Hidden service config has completed.");
return hostname;
}
/**
* Installs all necessary files and starts the Tor OP in offline mode (e.g.
* networkEnabled(false)). This would only be used if you wanted to start the Tor OP so that the
* install and related is all done but aren't ready to actually connect it to the network.
*
* @return True if all files installed and Tor OP successfully started
* @throws java.io.IOException - IO Exceptions
* @throws java.lang.InterruptedException - If we are, well, interrupted
*/
public synchronized boolean installAndStartTorOp() throws IOException, InterruptedException {
// The Tor OP will die if it looses the connection to its socket so if there is no controlSocket
// defined
// then Tor is dead. This assumes, of course, that takeOwnership works and we can't end up with
// Zombies.
if (controlConnection != null) {
LOG.info("Tor is already running");
return true;
}
// The code below is why this method is synchronized, we don't want two instances of it running
// at once
// as the result would be a mess of screwed up files and connections.
LOG.info("Tor is not running");
installAndConfigureFiles();
LOG.info("Starting Tor");
File cookieFile = onionProxyContext.getCookieFile();
if (cookieFile.getParentFile().exists() == false
&& cookieFile.getParentFile().mkdirs() == false) {
throw new RuntimeException("Could not create cookieFile parent directory");
}
// The original code from Briar watches individual files, not a directory and Android's file
// observer
// won't work on files that don't exist. Rather than take 5 seconds to rewrite Briar's code I
// instead
// just make sure the file exists
if (cookieFile.exists() == false && cookieFile.createNewFile() == false) {
throw new RuntimeException("Could not create cookieFile");
}
File workingDirectory = onionProxyContext.getWorkingDirectory();
// Watch for the auth cookie file being created/updated
WriteObserver cookieObserver = onionProxyContext.generateWriteObserver(cookieFile);
// Start a new Tor process
String torPath = onionProxyContext.getTorExecutableFile().getAbsolutePath();
String configPath = onionProxyContext.getTorrcFile().getAbsolutePath();
String pid = onionProxyContext.getProcessId();
String[] cmd = {torPath, "-f", configPath, OWNER, pid};
String[] env = onionProxyContext.getEnvironmentArgsForExec();
ProcessBuilder processBuilder = new ProcessBuilder(cmd);
onionProxyContext.setEnvironmentArgsAndWorkingDirectoryForStart(processBuilder);
Process torProcess = null;
try {
// torProcess = Runtime.getRuntime().exec(cmd, env, workingDirectory);
torProcess = processBuilder.start();
CountDownLatch controlPortCountDownLatch = new CountDownLatch(1);
eatStream(torProcess.getInputStream(), false, controlPortCountDownLatch);
eatStream(torProcess.getErrorStream(), true, null);
// On platforms other than Windows we run as a daemon and so we need to wait for the process
// to detach
// or exit. In the case of Windows the equivalent is running as a service and unfortunately
// that requires
// managing the service, such as turning it off or uninstalling it when it's time to move on.
// Any number
// of errors can prevent us from doing the cleanup and so we would leave the process running
// around. Rather
// than do that on Windows we just let the process run on the exec and hence don't look for an
// exit code.
// This does create a condition where the process has exited due to a problem but we should
// hopefully
// detect that when we try to use the control connection.
if (OsData.getOsType() != OsData.OsType.Windows) {
int exit = torProcess.waitFor();
torProcess = null;
if (exit != 0) {
LOG.warn("Tor exited with value " + exit);
return false;
}
}
// Wait for the auth cookie file to be created/updated
if (!cookieObserver.poll(COOKIE_TIMEOUT, MILLISECONDS)) {
LOG.warn("Auth cookie not created");
FileUtilities.listFilesToLog(workingDirectory);
return false;
}
// Now we should be able to connect to the new process
controlPortCountDownLatch.await();
controlSocket = new Socket("127.0.0.1", control_port);
// Open a control connection and authenticate using the cookie file
TorControlConnection controlConnection = new TorControlConnection(controlSocket);
controlConnection.authenticate(FileUtilities.read(cookieFile));
// Tell Tor to exit when the control connection is closed
controlConnection.takeOwnership();
controlConnection.resetConf(Collections.singletonList(OWNER));
// Register to receive events from the Tor process
controlConnection.setEventHandler(new OnionProxyManagerEventHandler());
controlConnection.setEvents(Arrays.asList(EVENTS));
// We only set the class property once the connection is in a known good state
this.controlConnection = controlConnection;
return true;
} catch (SecurityException e) {
LOG.warn(e.toString(), e);
return false;
} catch (InterruptedException e) {
LOG.warn("Interrupted while starting Tor", e);
Thread.currentThread().interrupt();
return false;
} finally {
if (controlConnection == null && torProcess != null) {
// It's possible that something 'bad' could happen after we executed exec but before we
// takeOwnership()
// in which case the Tor OP will hang out as a zombie until this process is killed. This is
// problematic
// when we want to do things like
torProcess.destroy();
}
}
}