git-annex enable-tor command

Tor unfortunately does not come out of the box configured to let hidden
services register themselves on the fly via the ControlPort.

And, changing the config to enable the ControlPort and a particular type
of auth for it may break something already using the ControlPort, or
lessen the security of the system.

So, this leaves only one option to us: Add a hidden service to the
torrc. git-annex enable-tor does so, and picks an unused high port for
tor to listen on for connections to the hidden service.

It's up to the caller to somehow pick a local port to listen on
that won't be used by something else. That may be difficult to do..

This commit was sponsored by Jochen Bartl on Patreon.
This commit is contained in:
Joey Hess 2016-11-14 13:26:34 -04:00
parent a7fd200440
commit 07ad19f421
No known key found for this signature in database
GPG key ID: C910D9222512E3C7
5 changed files with 127 additions and 0 deletions

28
Command/EnableTor.hs Normal file
View file

@ -0,0 +1,28 @@
{- git-annex command
-
- Copyright 2016 Joey Hess <id@joeyh.name>
-
- Licensed under the GNU GPL version 3 or higher.
-}
module Command.EnableTor where
import Command
import Utility.Tor
cmd :: Command
cmd = noCommit $ dontCheck repoExists $
command "enable-tor" SectionPlumbing ""
paramNumber (withParams seek)
seek :: CmdParams -> CommandSeek
seek = withWords start
start :: CmdParams -> CommandStart
start (localport:[]) = case readish localport of
Nothing -> error "Bad localport"
Just lp -> do
(onionaddr, onionport) <- liftIO $ addHiddenService lp
liftIO $ putStrLn (onionaddr ++ ":" ++ show onionport)
stop
start _ = error "Need 1 localport parameter"