use socket for tor hidden service
This avoids needing to bind to the right port before something else does. The socket is in /var/run/user/$uid/ which ought to be writable by only that uid. At least it is on linux systems using systemd. For Windows, may need to revisit this and use ports or something. The first version of tor to support sockets for hidden services was 0.2.6.3. That is not in Debian stable, but is available in backports. This commit was sponsored by andrea rota.
This commit is contained in:
Joey Hess
parent
07ad19f421
commit
57d33f7923
3 changed files with 55 additions and 38 deletions
|
|
@ -10,19 +10,25 @@ module Command.EnableTor where
|
|||
import Command
|
||||
import Utility.Tor
|
||||
|
||||
-- This runs as root, so avoid making any commits or initializing
|
||||
-- git-annex, as that would create root-owned files.
|
||||
cmd :: Command
|
||||
cmd = noCommit $ dontCheck repoExists $
|
||||
command "enable-tor" SectionPlumbing ""
|
||||
paramNumber (withParams seek)
|
||||
"userid uuid" (withParams seek)
|
||||
|
||||
seek :: CmdParams -> CommandSeek
|
||||
seek = withWords start
|
||||
|
||||
start :: CmdParams -> CommandStart
|
||||
start (localport:[]) = case readish localport of
|
||||
Nothing -> error "Bad localport"
|
||||
Just lp -> do
|
||||
(onionaddr, onionport) <- liftIO $ addHiddenService lp
|
||||
liftIO $ putStrLn (onionaddr ++ ":" ++ show onionport)
|
||||
start (suserid:uuid:[]) = case readish suserid of
|
||||
Nothing -> error "Bad userid"
|
||||
Just userid -> do
|
||||
(onionaddr, onionport, onionsocket) <- liftIO $
|
||||
addHiddenService userid uuid
|
||||
liftIO $ putStrLn $
|
||||
onionaddr ++ ":" ++
|
||||
show onionport ++ " " ++
|
||||
show onionsocket
|
||||
stop
|
||||
start _ = error "Need 1 localport parameter"
|
||||
start _ = error "Bad params"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue