From 16bd3291e33edd0a9979c52c908cfe63bd1a2348 Mon Sep 17 00:00:00 2001 From: Miguel Jacq Date: Fri, 19 Jan 2018 15:31:11 +1100 Subject: [PATCH 1/2] Support for obfs4 in custom bridges --- onionshare/onion.py | 2 ++ onionshare_gui/settings_dialog.py | 2 +- share/locale/en.json | 6 +++--- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/onionshare/onion.py b/onionshare/onion.py index bae90f4c..28f03f2d 100644 --- a/onionshare/onion.py +++ b/onionshare/onion.py @@ -212,6 +212,8 @@ class Onion(object): for line in o: f.write(line) if self.settings.get('tor_bridges_use_custom_bridges'): + if 'obfs4' in self.settings.get('tor_bridges_use_custom_bridges'): + f.write('ClientTransportPlugin obfs4 exec {}\n'.format(self.obfs4proxy_file_path)) f.write(self.settings.get('tor_bridges_use_custom_bridges')) f.write('\nUseBridges 1') diff --git a/onionshare_gui/settings_dialog.py b/onionshare_gui/settings_dialog.py index 18372a47..270fb0e3 100644 --- a/onionshare_gui/settings_dialog.py +++ b/onionshare_gui/settings_dialog.py @@ -734,7 +734,7 @@ class SettingsDialog(QtWidgets.QDialog): for bridge in bridges: if bridge != '': # Check the syntax of the custom bridge to make sure it looks legitimate - pattern = re.compile("[0-9.]+:[0-9]+\s[A-Z0-9]+$") + pattern = re.compile("(obfs4\s)?[0-9.]+:[0-9]+\s[A-Z0-9]+(.+)?$") if pattern.match(bridge): new_bridges.append(''.join(['Bridge ', bridge, '\n'])) bridges_valid = True diff --git a/share/locale/en.json b/share/locale/en.json index cdd89c1e..c189a336 100644 --- a/share/locale/en.json +++ b/share/locale/en.json @@ -93,9 +93,9 @@ "gui_settings_cookie_label": "Cookie path", "gui_settings_tor_bridges": "Tor Bridge support", "gui_settings_tor_bridges_no_bridges_radio_option": "Don't use bridges", - "gui_settings_tor_bridges_obfs4_radio_option": "Use obfs4 pluggable transports", - "gui_settings_tor_bridges_obfs4_radio_option_no_obfs4proxy": "Use obfs4 pluggable transports (requires obfs4proxy)", - "gui_settings_tor_bridges_custom_radio_option": "Use custom bridges (non-pluggable transports)", + "gui_settings_tor_bridges_obfs4_radio_option": "Use built-in obfs4 pluggable transports", + "gui_settings_tor_bridges_obfs4_radio_option_no_obfs4proxy": "Use built-in obfs4 pluggable transports (requires obfs4proxy)", + "gui_settings_tor_bridges_custom_radio_option": "Use custom bridges", "gui_settings_tor_bridges_custom_label": "You can get bridges from https://bridges.torproject.org", "gui_settings_tor_bridges_invalid": "None of the bridges you supplied seem to be valid, so they've been ignored.\nPlease try again with valid bridges.", "gui_settings_button_save": "Save", From 9a3bcb98341d6536df8a6028295b95f81db4f5ae Mon Sep 17 00:00:00 2001 From: Miguel Jacq Date: Mon, 22 Jan 2018 16:24:26 +1100 Subject: [PATCH 2/2] stricter regex of IPv4 as well as IPv6 IPs in custom bridges --- onionshare_gui/settings_dialog.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/onionshare_gui/settings_dialog.py b/onionshare_gui/settings_dialog.py index 270fb0e3..d53ac303 100644 --- a/onionshare_gui/settings_dialog.py +++ b/onionshare_gui/settings_dialog.py @@ -734,8 +734,9 @@ class SettingsDialog(QtWidgets.QDialog): for bridge in bridges: if bridge != '': # Check the syntax of the custom bridge to make sure it looks legitimate - pattern = re.compile("(obfs4\s)?[0-9.]+:[0-9]+\s[A-Z0-9]+(.+)?$") - if pattern.match(bridge): + ipv4_pattern = re.compile("(obfs4\s)?(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]+\s[A-Z0-9]+(.+)?$") + ipv6_pattern = re.compile("(obfs4\s)?\[(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))\]:[0-9]+\s[A-Z0-9]+(.+)?$") + if ipv4_pattern.match(bridge) or ipv6_pattern.match(bridge): new_bridges.append(''.join(['Bridge ', bridge, '\n'])) bridges_valid = True if bridges_valid: