Add support for Tor control port authentication

2024-10-01 01:35:40 -04:00 · 2016-12-22 13:39:32 -08:00 · 2016-12-22 13:39:32 -08:00 · e46c4f510a
commit e46c4f510a
parent 5ebc745d60
2 changed files with 17 additions and 4 deletions
--- a/onionshare/onion.py
+++ b/onionshare/onion.py
@ -20,6 +20,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.

 from stem.control import Controller
 from stem import SocketError
+from stem.connection import MissingPassword, UnreadableCookieFile
 import os, sys, tempfile, shutil, urllib

 from . import socks
@ -54,22 +55,32 @@ class Onion(object):
        self.cleanup_filenames = []
        self.service_id = None

-        # connect to the tor controlport
-        found_tor = False
-        self.c = None
+        # if the TOR_CONTROL_PORT environment variable is set, use that
+        # otherwise, default to Tor Browser, Tor Messenger, and system tor ports
        env_port = os.environ.get('TOR_CONTROL_PORT')
        if env_port:
            ports = [int(env_port)]
        else:
            ports = [9151, 9153, 9051]
+
+        # if the TOR_AUTHENTICATION_PASSWORD is set, use that to authenticate
+        password = os.environ.get('TOR_AUTHENTICATION_PASSWORD')
+
+        # connect to the tor controlport
+        found_tor = False
+        self.c = None
        for port in ports:
            try:
                self.c = Controller.from_port(port=port)
-                self.c.authenticate()
+                self.c.authenticate(password)
                found_tor = True
                break
            except SocketError:
                pass
+            except MissingPassword:
+                raise NoTor(strings._("ctrlport_missing_password").format(str(ports)))
+            except UnreadableCookieFile:
+                raise NoTor(strings._("ctrlport_unreadable_cookie").format(str(ports)))
        if not found_tor:
            raise NoTor(strings._("cant_connect_ctrlport").format(str(ports)))

--- a/resources/locale/en.json
+++ b/resources/locale/en.json
@ -2,6 +2,8 @@
    "connecting_ctrlport": "Connecting to Tor control port to set up onion service on port {0:d}.",
    "cant_connect_ctrlport": "Can't connect to Tor control port on port {0:s}. OnionShare requires Tor Browser to be running in the background to work. If you don't have it you can get it from https://www.torproject.org/.",
    "cant_connect_socksport": "Can't connect to Tor SOCKS5 server on port {0:s}. OnionShare requires Tor Browser to be running in the background to work. If you don't have it you can get it from https://www.torproject.org/.",
+    "ctrlport_missing_password": "Connected to Tor control port on port {0:s}, but you require a password. You must have the TOR_AUTHENTICATION_PASSWORD environment variable set. Or just open Tor Browser in the background.",
+    "ctrlport_unreadable_cookie": "Connected to Tor control port on port {0:s}, but your user does not have permission to authenticate. You might want to add a HashedControlPassword to your torrc, and set the TOR_AUTHENTICATION_PASSWORD environment variable. Or just open Tor Browser in the background.",
    "preparing_files": "Preparing files to share.",
    "wait_for_hs": "Waiting for HS to be ready:",
    "wait_for_hs_trying": "Trying...",