コード例 #1
0
  /**
   * Publishes a hidden service
   *
   * @param hiddenServicePort The port that the hidden service will accept connections on
   * @param localPort The local port that the hidden service will relay connections to
   * @return The hidden service's onion address in the form X.onion.
   * @throws java.io.IOException - File errors
   */
  public synchronized String publishHiddenService(int hiddenServicePort, int localPort)
      throws IOException {
    if (controlConnection == null) {
      throw new RuntimeException("Service is not running.");
    }

    List<ConfigEntry> currentHiddenServices = controlConnection.getConf("HiddenServiceOptions");

    if ((currentHiddenServices.size() == 1
            && currentHiddenServices.get(0).key.compareTo("HiddenServiceOptions") == 0
            && currentHiddenServices.get(0).value.compareTo("") == 0)
        == false) {
      throw new RuntimeException(
          "Sorry, only one hidden service to a customer and we already have one. Please send complaints to https://github.com/thaliproject/Tor_Onion_Proxy_Library/issues/5 with your scenario so we can justify fixing this.");
    }

    LOG.info("Creating hidden service");
    File hostnameFile = onionProxyContext.getHostNameFile();

    if (hostnameFile.getParentFile().exists() == false
        && hostnameFile.getParentFile().mkdirs() == false) {
      throw new RuntimeException("Could not create hostnameFile parent directory");
    }

    if (hostnameFile.exists() == false && hostnameFile.createNewFile() == false) {
      throw new RuntimeException("Could not create hostnameFile");
    }

    // Watch for the hostname file being created/updated
    WriteObserver hostNameFileObserver = onionProxyContext.generateWriteObserver(hostnameFile);
    // Use the control connection to update the Tor config
    List<String> config =
        Arrays.asList(
            "HiddenServiceDir " + hostnameFile.getParentFile().getAbsolutePath(),
            "HiddenServicePort " + hiddenServicePort + " 127.0.0.1:" + localPort);
    controlConnection.setConf(config);
    controlConnection.saveConf();
    // Wait for the hostname file to be created/updated
    if (!hostNameFileObserver.poll(HOSTNAME_TIMEOUT, MILLISECONDS)) {
      FileUtilities.listFilesToLog(hostnameFile.getParentFile());
      throw new RuntimeException("Wait for hidden service hostname file to be created expired.");
    }

    // Publish the hidden service's onion hostname in transport properties
    String hostname = new String(FileUtilities.read(hostnameFile), "UTF-8").trim();
    LOG.info("Hidden service config has completed.");

    return hostname;
  }
コード例 #2
0
  /**
   * Installs all necessary files and starts the Tor OP in offline mode (e.g.
   * networkEnabled(false)). This would only be used if you wanted to start the Tor OP so that the
   * install and related is all done but aren't ready to actually connect it to the network.
   *
   * @return True if all files installed and Tor OP successfully started
   * @throws java.io.IOException - IO Exceptions
   * @throws java.lang.InterruptedException - If we are, well, interrupted
   */
  public synchronized boolean installAndStartTorOp() throws IOException, InterruptedException {
    // The Tor OP will die if it looses the connection to its socket so if there is no controlSocket
    // defined
    // then Tor is dead. This assumes, of course, that takeOwnership works and we can't end up with
    // Zombies.
    if (controlConnection != null) {
      LOG.info("Tor is already running");
      return true;
    }

    // The code below is why this method is synchronized, we don't want two instances of it running
    // at once
    // as the result would be a mess of screwed up files and connections.
    LOG.info("Tor is not running");

    installAndConfigureFiles();

    LOG.info("Starting Tor");
    File cookieFile = onionProxyContext.getCookieFile();
    if (cookieFile.getParentFile().exists() == false
        && cookieFile.getParentFile().mkdirs() == false) {
      throw new RuntimeException("Could not create cookieFile parent directory");
    }

    // The original code from Briar watches individual files, not a directory and Android's file
    // observer
    // won't work on files that don't exist. Rather than take 5 seconds to rewrite Briar's code I
    // instead
    // just make sure the file exists
    if (cookieFile.exists() == false && cookieFile.createNewFile() == false) {
      throw new RuntimeException("Could not create cookieFile");
    }

    File workingDirectory = onionProxyContext.getWorkingDirectory();
    // Watch for the auth cookie file being created/updated
    WriteObserver cookieObserver = onionProxyContext.generateWriteObserver(cookieFile);
    // Start a new Tor process
    String torPath = onionProxyContext.getTorExecutableFile().getAbsolutePath();
    String configPath = onionProxyContext.getTorrcFile().getAbsolutePath();
    String pid = onionProxyContext.getProcessId();
    String[] cmd = {torPath, "-f", configPath, OWNER, pid};
    String[] env = onionProxyContext.getEnvironmentArgsForExec();
    ProcessBuilder processBuilder = new ProcessBuilder(cmd);
    onionProxyContext.setEnvironmentArgsAndWorkingDirectoryForStart(processBuilder);
    Process torProcess = null;
    try {
      //            torProcess = Runtime.getRuntime().exec(cmd, env, workingDirectory);
      torProcess = processBuilder.start();
      CountDownLatch controlPortCountDownLatch = new CountDownLatch(1);
      eatStream(torProcess.getInputStream(), false, controlPortCountDownLatch);
      eatStream(torProcess.getErrorStream(), true, null);

      // On platforms other than Windows we run as a daemon and so we need to wait for the process
      // to detach
      // or exit. In the case of Windows the equivalent is running as a service and unfortunately
      // that requires
      // managing the service, such as turning it off or uninstalling it when it's time to move on.
      // Any number
      // of errors can prevent us from doing the cleanup and so we would leave the process running
      // around. Rather
      // than do that on Windows we just let the process run on the exec and hence don't look for an
      // exit code.
      // This does create a condition where the process has exited due to a problem but we should
      // hopefully
      // detect that when we try to use the control connection.
      if (OsData.getOsType() != OsData.OsType.Windows) {
        int exit = torProcess.waitFor();
        torProcess = null;
        if (exit != 0) {
          LOG.warn("Tor exited with value " + exit);
          return false;
        }
      }

      // Wait for the auth cookie file to be created/updated
      if (!cookieObserver.poll(COOKIE_TIMEOUT, MILLISECONDS)) {
        LOG.warn("Auth cookie not created");
        FileUtilities.listFilesToLog(workingDirectory);
        return false;
      }

      // Now we should be able to connect to the new process
      controlPortCountDownLatch.await();
      controlSocket = new Socket("127.0.0.1", control_port);

      // Open a control connection and authenticate using the cookie file
      TorControlConnection controlConnection = new TorControlConnection(controlSocket);
      controlConnection.authenticate(FileUtilities.read(cookieFile));
      // Tell Tor to exit when the control connection is closed
      controlConnection.takeOwnership();
      controlConnection.resetConf(Collections.singletonList(OWNER));
      // Register to receive events from the Tor process
      controlConnection.setEventHandler(new OnionProxyManagerEventHandler());
      controlConnection.setEvents(Arrays.asList(EVENTS));

      // We only set the class property once the connection is in a known good state
      this.controlConnection = controlConnection;
      return true;
    } catch (SecurityException e) {
      LOG.warn(e.toString(), e);
      return false;
    } catch (InterruptedException e) {
      LOG.warn("Interrupted while starting Tor", e);
      Thread.currentThread().interrupt();
      return false;
    } finally {
      if (controlConnection == null && torProcess != null) {
        // It's possible that something 'bad' could happen after we executed exec but before we
        // takeOwnership()
        // in which case the Tor OP will hang out as a zombie until this process is killed. This is
        // problematic
        // when we want to do things like
        torProcess.destroy();
      }
    }
  }