mirror of
https://github.com/onionshare/onionshare.git
synced 2025-01-12 15:59:30 -05:00
2499 lines
86 KiB
Python
2499 lines
86 KiB
Python
# Copyright 2011-2013, Damian Johnson and The Tor Project
|
|
# See LICENSE for licensing information
|
|
|
|
"""
|
|
Classes for interacting with the tor control socket.
|
|
|
|
Controllers are a wrapper around a :class:`~stem.socket.ControlSocket`,
|
|
retaining many of its methods (connect, close, is_alive, etc) in addition to
|
|
providing its own for interacting at a higher level.
|
|
|
|
**Module Overview:**
|
|
|
|
::
|
|
|
|
Controller - General controller class intended for direct use
|
|
| |- from_port - Provides a Controller based on a port connection.
|
|
| +- from_socket_file - Provides a Controller based on a socket file connection.
|
|
|
|
|
|- authenticate - authenticates this controller with tor
|
|
|
|
|
|- get_info - issues a GETINFO query for a parameter
|
|
|- get_version - provides our tor version
|
|
|- get_exit_policy - provides our exit policy
|
|
|- get_socks_listeners - provides where tor is listening for SOCKS connections
|
|
|- get_protocolinfo - information about the controller interface
|
|
|- get_user - provides the user tor is running as
|
|
|- get_pid - provides the pid of our tor process
|
|
|
|
|
|- get_microdescriptor - querying the microdescriptor for a relay
|
|
|- get_microdescriptors - provides all presently available microdescriptors
|
|
|- get_server_descriptor - querying the server descriptor for a relay
|
|
|- get_server_descriptors - provides all presently available server descriptors
|
|
|- get_network_status - querying the router status entry for a relay
|
|
|- get_network_statuses - provides all preently available router status entries
|
|
|
|
|
|- get_conf - gets the value of a configuration option
|
|
|- get_conf_map - gets the values of multiple configuration options
|
|
|- set_conf - sets the value of a configuration option
|
|
|- reset_conf - reverts configuration options to their default values
|
|
|- set_options - sets or resets the values of multiple configuration options
|
|
|
|
|
|- add_event_listener - attaches an event listener to be notified of tor events
|
|
|- remove_event_listener - removes a listener so it isn't notified of further events
|
|
|
|
|
|- is_caching_enabled - true if the controller has enabled caching
|
|
|- set_caching - enables or disables caching
|
|
|- clear_cache - clears any cached results
|
|
|
|
|
|- load_conf - loads configuration information as if it was in the torrc
|
|
|- save_conf - saves configuration information to the torrc
|
|
|
|
|
|- is_feature_enabled - checks if a given controller feature is enabled
|
|
|- enable_feature - enables a controller feature that has been disabled by default
|
|
|
|
|
|- get_circuit - provides an active circuit
|
|
|- get_circuits - provides a list of active circuits
|
|
|- new_circuit - create new circuits
|
|
|- extend_circuit - create new circuits and extend existing ones
|
|
|- repurpose_circuit - change a circuit's purpose
|
|
|- close_circuit - close a circuit
|
|
|
|
|
|- get_streams - provides a list of active streams
|
|
|- attach_stream - attach a stream to a circuit
|
|
|- close_stream - close a stream
|
|
|
|
|
|- signal - sends a signal to the tor client
|
|
|- is_geoip_unavailable - true if we've discovered our geoip db to be unavailable
|
|
+- map_address - maps one address to another such that connections to the original are replaced with the other
|
|
|
|
BaseController - Base controller class asynchronous message handling
|
|
|- msg - communicates with the tor process
|
|
|- is_alive - reports if our connection to tor is open or closed
|
|
|- is_authenticated - checks if we're authenticated to tor
|
|
|- connect - connects or reconnects to tor
|
|
|- close - shuts down our connection to the tor process
|
|
|- get_socket - provides the socket used for control communication
|
|
|- get_latest_heartbeat - timestamp for when we last heard from tor
|
|
|- add_status_listener - notifies a callback of changes in our status
|
|
|- remove_status_listener - prevents further notification of status changes
|
|
+- __enter__ / __exit__ - manages socket connection
|
|
|
|
.. data:: State (enum)
|
|
|
|
Enumeration for states that a controller can have.
|
|
|
|
========== ===========
|
|
State Description
|
|
========== ===========
|
|
**INIT** new control connection
|
|
**RESET** received a reset/sighup signal
|
|
**CLOSED** control connection closed
|
|
========== ===========
|
|
|
|
.. data:: EventType (enum)
|
|
|
|
Known types of events that the
|
|
:func:`~stem.control.Controller.add_event_listener` method of the
|
|
:class:`~stem.control.Controller` can listen for.
|
|
|
|
The most frequently listened for event types tend to be the logging events
|
|
(**DEBUG**, **INFO**, **NOTICE**, **WARN**, and **ERR**), bandwidth usage
|
|
(**BW**), and circuit or stream changes (**CIRC** and **STREAM**).
|
|
|
|
Enums are mapped to :class:`~stem.response.events.Event` subclasses as
|
|
follows...
|
|
|
|
===================== ===========
|
|
EventType Event Class
|
|
===================== ===========
|
|
**ADDRMAP** :class:`stem.response.events.AddrMapEvent`
|
|
**AUTHDIR_NEWDESCS** :class:`stem.response.events.AuthDirNewDescEvent`
|
|
**BUILDTIMEOUT_SET** :class:`stem.response.events.BuildTimeoutSetEvent`
|
|
**BW** :class:`stem.response.events.BandwidthEvent`
|
|
**CIRC** :class:`stem.response.events.CircuitEvent`
|
|
**CIRC_MINOR** :class:`stem.response.events.CircMinorEvent`
|
|
**CLIENTS_SEEN** :class:`stem.response.events.ClientsSeenEvent`
|
|
**CONF_CHANGED** :class:`stem.response.events.ConfChangedEvent`
|
|
**DEBUG** :class:`stem.response.events.LogEvent`
|
|
**DESCCHANGED** :class:`stem.response.events.DescChangedEvent`
|
|
**ERR** :class:`stem.response.events.LogEvent`
|
|
**GUARD** :class:`stem.response.events.GuardEvent`
|
|
**INFO** :class:`stem.response.events.LogEvent`
|
|
**NEWCONSENSUS** :class:`stem.response.events.NewConsensusEvent`
|
|
**NEWDESC** :class:`stem.response.events.NewDescEvent`
|
|
**NOTICE** :class:`stem.response.events.LogEvent`
|
|
**NS** :class:`stem.response.events.NetworkStatusEvent`
|
|
**ORCONN** :class:`stem.response.events.ORConnEvent`
|
|
**SIGNAL** :class:`stem.response.events.SignalEvent`
|
|
**STATUS_CLIENT** :class:`stem.response.events.StatusEvent`
|
|
**STATUS_GENERAL** :class:`stem.response.events.StatusEvent`
|
|
**STATUS_SERVER** :class:`stem.response.events.StatusEvent`
|
|
**STREAM** :class:`stem.response.events.StreamEvent`
|
|
**STREAM_BW** :class:`stem.response.events.StreamBwEvent`
|
|
**WARN** :class:`stem.response.events.LogEvent`
|
|
===================== ===========
|
|
"""
|
|
|
|
import io
|
|
import os
|
|
import Queue
|
|
import StringIO
|
|
import threading
|
|
import time
|
|
|
|
import stem.descriptor.microdescriptor
|
|
import stem.descriptor.reader
|
|
import stem.descriptor.router_status_entry
|
|
import stem.descriptor.server_descriptor
|
|
import stem.exit_policy
|
|
import stem.response
|
|
import stem.response.events
|
|
import stem.socket
|
|
import stem.util.connection
|
|
import stem.util.enum
|
|
import stem.util.str_tools
|
|
import stem.util.system
|
|
import stem.util.tor_tools
|
|
import stem.version
|
|
|
|
from stem import UNDEFINED, CircStatus, Signal
|
|
from stem.util import log
|
|
|
|
# state changes a control socket can have
|
|
|
|
State = stem.util.enum.Enum("INIT", "RESET", "CLOSED")
|
|
|
|
EventType = stem.util.enum.UppercaseEnum(
|
|
"CIRC",
|
|
"STREAM",
|
|
"ORCONN",
|
|
"BW",
|
|
"DEBUG",
|
|
"INFO",
|
|
"NOTICE",
|
|
"WARN",
|
|
"ERR",
|
|
"NEWDESC",
|
|
"ADDRMAP",
|
|
"AUTHDIR_NEWDESCS",
|
|
"DESCCHANGED",
|
|
"STATUS_GENERAL",
|
|
"STATUS_CLIENT",
|
|
"STATUS_SERVER",
|
|
"GUARD",
|
|
"NS",
|
|
"STREAM_BW",
|
|
"CLIENTS_SEEN",
|
|
"NEWCONSENSUS",
|
|
"BUILDTIMEOUT_SET",
|
|
"SIGNAL",
|
|
"CONF_CHANGED",
|
|
"CIRC_MINOR",
|
|
)
|
|
|
|
# Configuration options that are fetched by a special key. The keys are
|
|
# lowercase to make case insensitive lookups easier.
|
|
|
|
MAPPED_CONFIG_KEYS = {
|
|
"hiddenservicedir": "HiddenServiceOptions",
|
|
"hiddenserviceport": "HiddenServiceOptions",
|
|
"hiddenserviceversion": "HiddenServiceOptions",
|
|
"hiddenserviceauthorizeclient": "HiddenServiceOptions",
|
|
"hiddenserviceoptions": "HiddenServiceOptions"
|
|
}
|
|
|
|
# unchangeable GETINFO parameters
|
|
|
|
CACHEABLE_GETINFO_PARAMS = (
|
|
'version',
|
|
'config-file',
|
|
'exit-policy/default',
|
|
'fingerprint',
|
|
'config/names',
|
|
'config/defaults',
|
|
'info/names',
|
|
'events/names',
|
|
'features/names',
|
|
'process/descriptor-limit',
|
|
)
|
|
|
|
# GETCONF parameters we shouldn't cache. This includes hidden service
|
|
# perameters due to the funky way they're set and retrieved (for instance,
|
|
# 'SETCONF HiddenServiceDir' effects 'GETCONF HiddenServiceOptions').
|
|
|
|
UNCACHEABLE_GETCONF_PARAMS = (
|
|
'hiddenserviceoptions',
|
|
'hiddenservicedir',
|
|
'hiddenserviceport',
|
|
'hiddenserviceversion',
|
|
'hiddenserviceauthorizeclient',
|
|
'hiddenserviceoptions',
|
|
)
|
|
|
|
# number of sequential attempts before we decide that the Tor geoip database
|
|
# is unavailable
|
|
GEOIP_FAILURE_THRESHOLD = 5
|
|
|
|
SERVER_DESCRIPTORS_UNSUPPORTED = "Tor is presently not configured to retrieve \
|
|
server descriptors. As of Tor version 0.2.3.25 it downloads microdescriptors \
|
|
instead unless you set 'UseMicrodescriptors 0' in your torrc."
|
|
|
|
|
|
class BaseController(object):
|
|
"""
|
|
Controller for the tor process. This is a minimal base class for other
|
|
controllers, providing basic process communication and event listing. Don't
|
|
use this directly - subclasses like the :class:`~stem.control.Controller`
|
|
provide higher level functionality.
|
|
|
|
It's highly suggested that you don't interact directly with the
|
|
:class:`~stem.socket.ControlSocket` that we're constructed from - use our
|
|
wrapper methods instead.
|
|
"""
|
|
|
|
def __init__(self, control_socket):
|
|
self._socket = control_socket
|
|
self._msg_lock = threading.RLock()
|
|
|
|
self._status_listeners = [] # tuples of the form (callback, spawn_thread)
|
|
self._status_listeners_lock = threading.RLock()
|
|
|
|
# queues where incoming messages are directed
|
|
self._reply_queue = Queue.Queue()
|
|
self._event_queue = Queue.Queue()
|
|
|
|
# thread to continually pull from the control socket
|
|
self._reader_thread = None
|
|
|
|
# thread to pull from the _event_queue and call handle_event
|
|
self._event_notice = threading.Event()
|
|
self._event_thread = None
|
|
|
|
# saves our socket's prior _connect() and _close() methods so they can be
|
|
# called along with ours
|
|
|
|
self._socket_connect = self._socket._connect
|
|
self._socket_close = self._socket._close
|
|
|
|
self._socket._connect = self._connect
|
|
self._socket._close = self._close
|
|
|
|
self._last_heartbeat = 0.0 # timestamp for when we last heard from tor
|
|
self._is_authenticated = False
|
|
|
|
if self._socket.is_alive():
|
|
self._launch_threads()
|
|
|
|
def msg(self, message):
|
|
"""
|
|
Sends a message to our control socket and provides back its reply.
|
|
|
|
:param str message: message to be formatted and sent to tor
|
|
|
|
:returns: :class:`~stem.response.ControlMessage` with the response
|
|
|
|
:raises:
|
|
* :class:`stem.ProtocolError` the content from the socket is
|
|
malformed
|
|
* :class:`stem.SocketError` if a problem arises in using the
|
|
socket
|
|
* :class:`stem.SocketClosed` if the socket is shut down
|
|
"""
|
|
|
|
with self._msg_lock:
|
|
# If our _reply_queue isn't empty then one of a few things happened...
|
|
#
|
|
# - Our connection was closed and probably re-restablished. This was
|
|
# in reply to pulling for an asynchronous event and getting this is
|
|
# expected - ignore it.
|
|
#
|
|
# - Pulling for asynchronous events produced an error. If this was a
|
|
# ProtocolError then it's a tor bug, and if a non-closure SocketError
|
|
# then it was probably a socket glitch. Deserves an INFO level log
|
|
# message.
|
|
#
|
|
# - This is a leftover response for a msg() call. We can't tell who an
|
|
# exception was earmarked for, so we only know that this was the case
|
|
# if it's a ControlMessage. This should not be possible and indicates
|
|
# a stem bug. This deserves a NOTICE level log message since it
|
|
# indicates that one of our callers didn't get their reply.
|
|
|
|
while not self._reply_queue.empty():
|
|
try:
|
|
response = self._reply_queue.get_nowait()
|
|
|
|
if isinstance(response, stem.SocketClosed):
|
|
pass # this is fine
|
|
elif isinstance(response, stem.ProtocolError):
|
|
log.info("Tor provided a malformed message (%s)" % response)
|
|
elif isinstance(response, stem.ControllerError):
|
|
log.info("Socket experienced a problem (%s)" % response)
|
|
elif isinstance(response, stem.response.ControlMessage):
|
|
log.notice("BUG: the msg() function failed to deliver a response: %s" % response)
|
|
except Queue.Empty:
|
|
# the empty() method is documented to not be fully reliable so this
|
|
# isn't entirely surprising
|
|
|
|
break
|
|
|
|
try:
|
|
self._socket.send(message)
|
|
response = self._reply_queue.get()
|
|
|
|
# If the message we received back had an exception then re-raise it to the
|
|
# caller. Otherwise return the response.
|
|
|
|
if isinstance(response, stem.ControllerError):
|
|
raise response
|
|
else:
|
|
# I really, really don't like putting hooks into this method, but
|
|
# this is the most reliable method I can think of for taking actions
|
|
# immediately after successfully authenticating to a connection.
|
|
|
|
if message.upper().startswith("AUTHENTICATE"):
|
|
self._post_authentication()
|
|
|
|
return response
|
|
except stem.SocketClosed as exc:
|
|
# If the recv() thread caused the SocketClosed then we could still be
|
|
# in the process of closing. Calling close() here so that we can
|
|
# provide an assurance to the caller that when we raise a SocketClosed
|
|
# exception we are shut down afterward for realz.
|
|
|
|
self.close()
|
|
raise exc
|
|
|
|
def is_alive(self):
|
|
"""
|
|
Checks if our socket is currently connected. This is a pass-through for our
|
|
socket's :func:`~stem.socket.ControlSocket.is_alive` method.
|
|
|
|
:returns: **bool** that's **True** if our socket is connected and **False** otherwise
|
|
"""
|
|
|
|
return self._socket.is_alive()
|
|
|
|
def is_authenticated(self):
|
|
"""
|
|
Checks if our socket is both connected and authenticated.
|
|
|
|
:returns: **bool** that's **True** if our socket is authenticated to tor
|
|
and **False** otherwise
|
|
"""
|
|
|
|
if self.is_alive():
|
|
return self._is_authenticated
|
|
|
|
return False
|
|
|
|
def connect(self):
|
|
"""
|
|
Reconnects our control socket. This is a pass-through for our socket's
|
|
:func:`~stem.socket.ControlSocket.connect` method.
|
|
|
|
:raises: :class:`stem.SocketError` if unable to make a socket
|
|
"""
|
|
|
|
self._socket.connect()
|
|
|
|
def close(self):
|
|
"""
|
|
Closes our socket connection. This is a pass-through for our socket's
|
|
:func:`~stem.socket.ControlSocket.close` method.
|
|
"""
|
|
|
|
self._socket.close()
|
|
|
|
def get_socket(self):
|
|
"""
|
|
Provides the socket used to speak with the tor process. Communicating with
|
|
the socket directly isn't advised since it may confuse this controller.
|
|
|
|
:returns: :class:`~stem.socket.ControlSocket` we're communicating with
|
|
"""
|
|
|
|
return self._socket
|
|
|
|
def get_latest_heartbeat(self):
|
|
"""
|
|
Provides the unix timestamp for when we last heard from tor. This is zero
|
|
if we've never received a message.
|
|
|
|
:returns: float for the unix timestamp of when we last heard from tor
|
|
"""
|
|
|
|
return self._last_heartbeat
|
|
|
|
def add_status_listener(self, callback, spawn = True):
|
|
"""
|
|
Notifies a given function when the state of our socket changes. Functions
|
|
are expected to be of the form...
|
|
|
|
::
|
|
|
|
my_function(controller, state, timestamp)
|
|
|
|
The state is a value from the :data:`stem.control.State` enum. Functions
|
|
**must** allow for new values. The timestamp is a float for the unix time
|
|
when the change occurred.
|
|
|
|
This class only provides **State.INIT** and **State.CLOSED** notifications.
|
|
Subclasses may provide others.
|
|
|
|
If spawn is **True** then the callback is notified via a new daemon thread.
|
|
If **False** then the notice is under our locks, within the thread where
|
|
the change occurred. In general this isn't advised, especially if your
|
|
callback could block for a while.
|
|
|
|
:param function callback: function to be notified when our state changes
|
|
:param bool spawn: calls function via a new thread if **True**, otherwise
|
|
it's part of the connect/close method call
|
|
"""
|
|
|
|
with self._status_listeners_lock:
|
|
self._status_listeners.append((callback, spawn))
|
|
|
|
def remove_status_listener(self, callback):
|
|
"""
|
|
Stops listener from being notified of further events.
|
|
|
|
:param function callback: function to be removed from our listeners
|
|
|
|
:returns: **bool** that's **True** if we removed one or more occurrences of
|
|
the callback, **False** otherwise
|
|
"""
|
|
|
|
with self._status_listeners_lock:
|
|
new_listeners, is_changed = [], False
|
|
|
|
for listener, spawn in self._status_listeners:
|
|
if listener != callback:
|
|
new_listeners.append((listener, spawn))
|
|
else:
|
|
is_changed = True
|
|
|
|
self._status_listeners = new_listeners
|
|
return is_changed
|
|
|
|
def __enter__(self):
|
|
return self
|
|
|
|
def __exit__(self, exit_type, value, traceback):
|
|
self.close()
|
|
|
|
def _handle_event(self, event_message):
|
|
"""
|
|
Callback to be overwritten by subclasses for event listening. This is
|
|
notified whenever we receive an event from the control socket.
|
|
|
|
:param stem.response.ControlMessage event_message: message received from
|
|
the control socket
|
|
"""
|
|
|
|
pass
|
|
|
|
def _connect(self):
|
|
self._launch_threads()
|
|
self._notify_status_listeners(State.INIT)
|
|
self._socket_connect()
|
|
self._is_authenticated = False
|
|
|
|
def _close(self):
|
|
# Our is_alive() state is now false. Our reader thread should already be
|
|
# awake from recv() raising a closure exception. Wake up the event thread
|
|
# too so it can end.
|
|
|
|
self._event_notice.set()
|
|
self._is_authenticated = False
|
|
|
|
# joins on our threads if it's safe to do so
|
|
|
|
for t in (self._reader_thread, self._event_thread):
|
|
if t and t.is_alive() and threading.current_thread() != t:
|
|
t.join()
|
|
|
|
self._notify_status_listeners(State.CLOSED)
|
|
self._socket_close()
|
|
|
|
def _post_authentication(self):
|
|
# actions to be taken after we have a newly authenticated connection
|
|
|
|
self._is_authenticated = True
|
|
|
|
def _notify_status_listeners(self, state):
|
|
"""
|
|
Informs our status listeners that a state change occurred.
|
|
|
|
:param stem.control.State state: state change that has occurred
|
|
"""
|
|
|
|
# Any changes to our is_alive() state happen under the send lock, so we
|
|
# need to have it to ensure it doesn't change beneath us.
|
|
|
|
with self._socket._get_send_lock():
|
|
with self._status_listeners_lock:
|
|
# States imply that our socket is either alive or not, which may not
|
|
# hold true when multiple events occur in quick succession. For
|
|
# instance, a sighup could cause two events (State.RESET for the sighup
|
|
# and State.CLOSE if it causes tor to crash). However, there's no
|
|
# guarantee of the order in which they occur, and it would be bad if
|
|
# listeners got the State.RESET last, implying that we were alive.
|
|
|
|
expect_alive = None
|
|
|
|
if state in (State.INIT, State.RESET):
|
|
expect_alive = True
|
|
elif state == State.CLOSED:
|
|
expect_alive = False
|
|
|
|
change_timestamp = time.time()
|
|
|
|
if expect_alive is not None and expect_alive != self.is_alive():
|
|
return
|
|
|
|
for listener, spawn in self._status_listeners:
|
|
if spawn:
|
|
name = "%s notification" % state
|
|
args = (self, state, change_timestamp)
|
|
|
|
notice_thread = threading.Thread(target = listener, args = args, name = name)
|
|
notice_thread.setDaemon(True)
|
|
notice_thread.start()
|
|
else:
|
|
listener(self, state, change_timestamp)
|
|
|
|
def _launch_threads(self):
|
|
"""
|
|
Initializes daemon threads. Threads can't be reused so we need to recreate
|
|
them if we're restarted.
|
|
"""
|
|
|
|
# In theory concurrent calls could result in multiple start() calls on a
|
|
# single thread, which would cause an unexpected exception. Best be safe.
|
|
|
|
with self._socket._get_send_lock():
|
|
if not self._reader_thread or not self._reader_thread.is_alive():
|
|
self._reader_thread = threading.Thread(target = self._reader_loop, name = "Tor Listener")
|
|
self._reader_thread.setDaemon(True)
|
|
self._reader_thread.start()
|
|
|
|
if not self._event_thread or not self._event_thread.is_alive():
|
|
self._event_thread = threading.Thread(target = self._event_loop, name = "Event Notifier")
|
|
self._event_thread.setDaemon(True)
|
|
self._event_thread.start()
|
|
|
|
def _reader_loop(self):
|
|
"""
|
|
Continually pulls from the control socket, directing the messages into
|
|
queues based on their type. Controller messages come in two varieties...
|
|
|
|
* Responses to messages we've sent (GETINFO, SETCONF, etc).
|
|
* Asynchronous events, identified by a status code of 650.
|
|
"""
|
|
|
|
while self.is_alive():
|
|
try:
|
|
control_message = self._socket.recv()
|
|
self._last_heartbeat = time.time()
|
|
|
|
if control_message.content()[-1][0] == "650":
|
|
# asynchronous message, adds to the event queue and wakes up its handler
|
|
self._event_queue.put(control_message)
|
|
self._event_notice.set()
|
|
else:
|
|
# response to a msg() call
|
|
self._reply_queue.put(control_message)
|
|
except stem.ControllerError as exc:
|
|
# Assume that all exceptions belong to the reader. This isn't always
|
|
# true, but the msg() call can do a better job of sorting it out.
|
|
#
|
|
# Be aware that the msg() method relies on this to unblock callers.
|
|
|
|
self._reply_queue.put(exc)
|
|
|
|
def _event_loop(self):
|
|
"""
|
|
Continually pulls messages from the _event_queue and sends them to our
|
|
handle_event callback. This is done via its own thread so subclasses with a
|
|
lengthy handle_event implementation don't block further reading from the
|
|
socket.
|
|
"""
|
|
|
|
while True:
|
|
try:
|
|
event_message = self._event_queue.get_nowait()
|
|
self._handle_event(event_message)
|
|
except Queue.Empty:
|
|
if not self.is_alive():
|
|
break
|
|
|
|
self._event_notice.wait()
|
|
self._event_notice.clear()
|
|
|
|
|
|
class Controller(BaseController):
|
|
"""
|
|
Communicates with a control socket. This is built on top of the
|
|
BaseController and provides a more user friendly API for library users.
|
|
"""
|
|
|
|
@staticmethod
|
|
def from_port(address = "127.0.0.1", port = 9051):
|
|
"""
|
|
Constructs a :class:`~stem.socket.ControlPort` based Controller.
|
|
|
|
:param str address: ip address of the controller
|
|
:param int port: port number of the controller
|
|
|
|
:returns: :class:`~stem.control.Controller` attached to the given port
|
|
|
|
:raises: :class:`stem.SocketError` if we're unable to establish a connection
|
|
"""
|
|
|
|
if not stem.util.connection.is_valid_ipv4_address(address):
|
|
raise ValueError("Invalid IP address: %s" % address)
|
|
elif not stem.util.connection.is_valid_port(port):
|
|
raise ValueError("Invalid port: %s" % port)
|
|
|
|
control_port = stem.socket.ControlPort(address, port)
|
|
return Controller(control_port)
|
|
|
|
@staticmethod
|
|
def from_socket_file(path = "/var/run/tor/control"):
|
|
"""
|
|
Constructs a :class:`~stem.socket.ControlSocketFile` based Controller.
|
|
|
|
:param str path: path where the control socket is located
|
|
|
|
:returns: :class:`~stem.control.Controller` attached to the given socket file
|
|
|
|
:raises: :class:`stem.SocketError` if we're unable to establish a connection
|
|
"""
|
|
|
|
control_socket = stem.socket.ControlSocketFile(path)
|
|
return Controller(control_socket)
|
|
|
|
def __init__(self, control_socket):
|
|
super(Controller, self).__init__(control_socket)
|
|
|
|
self._is_caching_enabled = True
|
|
self._request_cache = {}
|
|
|
|
self._cache_lock = threading.RLock()
|
|
|
|
# mapping of event types to their listeners
|
|
|
|
self._event_listeners = {}
|
|
self._event_listeners_lock = threading.RLock()
|
|
|
|
# number of sequential 'GETINFO ip-to-country/*' lookups that have failed
|
|
self._geoip_failure_count = 0
|
|
self._enabled_features = []
|
|
|
|
def _sighup_listener(event):
|
|
if event.signal == Signal.RELOAD:
|
|
self.clear_cache()
|
|
self._notify_status_listeners(State.RESET)
|
|
|
|
self.add_event_listener(_sighup_listener, EventType.SIGNAL)
|
|
|
|
def _confchanged_listener(event):
|
|
if self.is_caching_enabled():
|
|
self._set_cache(dict((k, None) for k in event.config), "getconf")
|
|
|
|
if "exitpolicy" in event.config.keys():
|
|
self._set_cache({"exitpolicy": None})
|
|
|
|
self.add_event_listener(_confchanged_listener, EventType.CONF_CHANGED)
|
|
|
|
def connect(self):
|
|
super(Controller, self).connect()
|
|
self.clear_cache()
|
|
|
|
def close(self):
|
|
# making a best-effort attempt to quit before detaching the socket
|
|
if self.is_alive():
|
|
try:
|
|
self.msg("QUIT")
|
|
except:
|
|
pass
|
|
|
|
self.clear_cache()
|
|
|
|
super(Controller, self).close()
|
|
|
|
def authenticate(self, *args, **kwargs):
|
|
"""
|
|
A convenience method to authenticate the controller. This is just a
|
|
pass-through to :func:`stem.connection.authenticate`.
|
|
"""
|
|
|
|
import stem.connection
|
|
stem.connection.authenticate(self, *args, **kwargs)
|
|
|
|
def get_info(self, params, default = UNDEFINED, get_bytes = False):
|
|
"""
|
|
Queries the control socket for the given GETINFO option. If provided a
|
|
default then that's returned if the GETINFO option is undefined or the
|
|
call fails for any reason (error response, control port closed, initiated,
|
|
etc).
|
|
|
|
:param str,list params: GETINFO option or options to be queried
|
|
:param object default: response if the query fails
|
|
:param bool get_bytes: provides **bytes** values rather than a **str** under python 3.x
|
|
|
|
:returns:
|
|
Response depends upon how we were called as follows...
|
|
|
|
* **str** with the response if our param was a **str**
|
|
* **dict** with the 'param => response' mapping if our param was a **list**
|
|
* default if one was provided and our call failed
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails and we weren't
|
|
provided a default response
|
|
* :class:`stem.InvalidArguments` if the 'params' requested was
|
|
invalid
|
|
* :class:`stem.ProtocolError` if the geoip database is known to be
|
|
unavailable
|
|
"""
|
|
|
|
start_time = time.time()
|
|
reply = {}
|
|
|
|
if isinstance(params, (bytes, unicode)):
|
|
is_multiple = False
|
|
params = set([params])
|
|
else:
|
|
if not params:
|
|
return {}
|
|
|
|
is_multiple = True
|
|
params = set(params)
|
|
|
|
# check for cached results
|
|
|
|
from_cache = [param.lower() for param in params]
|
|
cached_results = self._get_cache_map(from_cache, "getinfo")
|
|
|
|
for key in cached_results:
|
|
user_expected_key = _case_insensitive_lookup(params, key)
|
|
reply[user_expected_key] = cached_results[key]
|
|
params.remove(user_expected_key)
|
|
|
|
for param in params:
|
|
if param.startswith('ip-to-country/') and self.is_geoip_unavailable():
|
|
# the geoip database already looks to be unavailable - abort the request
|
|
if default == UNDEFINED:
|
|
raise stem.ProtocolError("Tor geoip database is unavailable")
|
|
else:
|
|
return default
|
|
|
|
# if everything was cached then short circuit making the query
|
|
if not params:
|
|
log.trace("GETINFO %s (cache fetch)" % " ".join(reply.keys()))
|
|
|
|
if is_multiple:
|
|
return reply
|
|
else:
|
|
return reply.values()[0]
|
|
|
|
try:
|
|
response = self.msg("GETINFO %s" % " ".join(params))
|
|
stem.response.convert("GETINFO", response)
|
|
response._assert_matches(params)
|
|
|
|
# usually we want unicode values under python 3.x
|
|
|
|
if stem.prereq.is_python_3() and not get_bytes:
|
|
response.entries = dict((k, stem.util.str_tools._to_unicode(v)) for (k, v) in response.entries.items())
|
|
|
|
reply.update(response.entries)
|
|
|
|
if self.is_caching_enabled():
|
|
to_cache = {}
|
|
|
|
for key, value in response.entries.items():
|
|
key = key.lower() # make case insensitive
|
|
|
|
if key in CACHEABLE_GETINFO_PARAMS:
|
|
to_cache[key] = value
|
|
elif key.startswith('ip-to-country/'):
|
|
# both cache-able and means that we should reset the geoip failure count
|
|
to_cache[key] = value
|
|
self._geoip_failure_count = -1
|
|
|
|
self._set_cache(to_cache, "getinfo")
|
|
|
|
log.debug("GETINFO %s (runtime: %0.4f)" % (" ".join(params), time.time() - start_time))
|
|
|
|
if is_multiple:
|
|
return reply
|
|
else:
|
|
return reply.values()[0]
|
|
except stem.ControllerError as exc:
|
|
# bump geoip failure count if...
|
|
# * we're caching results
|
|
# * this was soley a geoip lookup
|
|
# * we've never had a successful geoip lookup (failure count isn't -1)
|
|
|
|
is_geoip_request = len(params) == 1 and list(params)[0].startswith('ip-to-country/')
|
|
|
|
if is_geoip_request and self.is_caching_enabled() and self._geoip_failure_count != -1:
|
|
self._geoip_failure_count += 1
|
|
|
|
if self.is_geoip_unavailable():
|
|
log.warn("Tor's geoip database is unavailable.")
|
|
|
|
log.debug("GETINFO %s (failed: %s)" % (" ".join(params), exc))
|
|
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_version(self, default = UNDEFINED):
|
|
"""
|
|
A convenience method to get tor version that current controller is
|
|
connected to.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: :class:`~stem.version.Version` of the tor instance that we're
|
|
connected to
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if unable to query the version
|
|
* **ValueError** if unable to parse the version
|
|
|
|
An exception is only raised if we weren't provided a default response.
|
|
"""
|
|
|
|
try:
|
|
version = self._get_cache("version")
|
|
|
|
if not version:
|
|
version = stem.version.Version(self.get_info("version"))
|
|
self._set_cache({"version": version})
|
|
|
|
return version
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_exit_policy(self, default = UNDEFINED):
|
|
"""
|
|
Effective ExitPolicy for our relay. This accounts for
|
|
ExitPolicyRejectPrivate and default policies.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: :class:`~stem.exit_policy.ExitPolicy` of the tor instance that
|
|
we're connected to
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if unable to query the policy
|
|
* **ValueError** if unable to parse the policy
|
|
|
|
An exception is only raised if we weren't provided a default response.
|
|
"""
|
|
with self._msg_lock:
|
|
try:
|
|
config_policy = self._get_cache("exit_policy")
|
|
|
|
if not config_policy:
|
|
policy = []
|
|
|
|
if self.get_conf("ExitPolicyRejectPrivate") == "1":
|
|
policy.append("reject private:*")
|
|
|
|
public_addr = self.get_info("address", None)
|
|
|
|
if public_addr:
|
|
policy.append("reject %s:*" % public_addr)
|
|
|
|
for policy_line in self.get_conf("ExitPolicy", multiple = True):
|
|
policy += policy_line.split(",")
|
|
|
|
policy += self.get_info("exit-policy/default").split(",")
|
|
|
|
config_policy = stem.exit_policy.get_config_policy(policy)
|
|
self._set_cache({"exit_policy": config_policy})
|
|
|
|
return config_policy
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_socks_listeners(self, default = UNDEFINED):
|
|
"""
|
|
Provides the SOCKS **(address, port)** tuples that tor has open.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: list of **(address, port)** tuples for the available SOCKS
|
|
listeners
|
|
|
|
:raises: :class:`stem.ControllerError` if unable to determine the listeners
|
|
and no default was provided
|
|
"""
|
|
|
|
try:
|
|
proxy_addrs = []
|
|
|
|
try:
|
|
for listener in self.get_info("net/listeners/socks").split():
|
|
if not (listener.startswith('"') and listener.endswith('"')):
|
|
raise stem.ProtocolError("'GETINFO net/listeners/socks' responses are expected to be quoted: %s" % listener)
|
|
elif not ':' in listener:
|
|
raise stem.ProtocolError("'GETINFO net/listeners/socks' had a listener without a colon: %s" % listener)
|
|
|
|
listener = listener[1:-1] # strip quotes
|
|
addr, port = listener.split(':')
|
|
proxy_addrs.append((addr, port))
|
|
except stem.InvalidArguments:
|
|
# tor version is old (pre-tor-0.2.2.26-beta), use get_conf() instead
|
|
socks_port = self.get_conf('SocksPort')
|
|
|
|
for listener in self.get_conf('SocksListenAddress', multiple = True):
|
|
if ':' in listener:
|
|
addr, port = listener.split(':')
|
|
proxy_addrs.append((addr, port))
|
|
else:
|
|
proxy_addrs.append((listener, socks_port))
|
|
|
|
# validate that address/ports are valid, and convert ports to ints
|
|
|
|
for addr, port in proxy_addrs:
|
|
if not stem.util.connection.is_valid_ipv4_address(addr):
|
|
raise stem.ProtocolError("Invalid address for a SOCKS listener: %s" % addr)
|
|
elif not stem.util.connection.is_valid_port(port):
|
|
raise stem.ProtocolError("Invalid port for a SOCKS listener: %s" % port)
|
|
|
|
return [(addr, int(port)) for (addr, port) in proxy_addrs]
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_protocolinfo(self, default = UNDEFINED):
|
|
"""
|
|
A convenience method to get the protocol info of the controller.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: :class:`~stem.response.protocolinfo.ProtocolInfoResponse` provided by tor
|
|
|
|
:raises:
|
|
* :class:`stem.ProtocolError` if the PROTOCOLINFO response is
|
|
malformed
|
|
* :class:`stem.SocketError` if problems arise in establishing or
|
|
using the socket
|
|
|
|
An exception is only raised if we weren't provided a default response.
|
|
"""
|
|
|
|
import stem.connection
|
|
|
|
try:
|
|
return stem.connection.get_protocolinfo(self)
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_user(self, default = UNDEFINED):
|
|
"""
|
|
Provides the user tor is running as. This often only works if tor is
|
|
running locally. Also, most of its checks are platform dependent, and hence
|
|
are not entirely reliable.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: str with the username tor is running as
|
|
"""
|
|
|
|
user = self._get_cache("user")
|
|
|
|
if not user:
|
|
user = self.get_info("process/user", None)
|
|
|
|
if not user and self.get_socket().is_localhost():
|
|
pid = self.get_pid(None)
|
|
|
|
if pid:
|
|
user = stem.util.system.get_user(pid)
|
|
|
|
if user:
|
|
self._set_cache({"user": user})
|
|
return user
|
|
elif default == UNDEFINED:
|
|
if self.get_socket().is_localhost():
|
|
raise ValueError("Unable to resolve tor's user")
|
|
else:
|
|
raise ValueError("Tor isn't running locally")
|
|
else:
|
|
return default
|
|
|
|
def get_pid(self, default = UNDEFINED):
|
|
"""
|
|
Provides the process id of tor. This often only works if tor is running
|
|
locally. Also, most of its checks are platform dependent, and hence are not
|
|
entirely reliable.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: int with our process' pid
|
|
|
|
:raises: **ValueError** if unable to determine the pid and no default was
|
|
provided
|
|
"""
|
|
|
|
pid = self._get_cache("pid")
|
|
|
|
if not pid:
|
|
getinfo_pid = self.get_info("process/pid", None)
|
|
|
|
if getinfo_pid and getinfo_pid.isdigit():
|
|
pid = int(getinfo_pid)
|
|
|
|
if not pid and self.get_socket().is_localhost():
|
|
pid_file_path = self.get_conf("PidFile", None)
|
|
|
|
if pid_file_path is not None:
|
|
with open(pid_file_path) as pid_file:
|
|
pid_file_contents = pid_file.read().strip()
|
|
|
|
if pid_file_contents.isdigit():
|
|
pid = int(pid_file_contents)
|
|
|
|
if not pid:
|
|
pid = stem.util.system.get_pid_by_name('tor')
|
|
|
|
if not pid:
|
|
control_socket = self.get_socket()
|
|
|
|
if isinstance(control_socket, stem.socket.ControlPort):
|
|
pid = stem.util.system.get_pid_by_port(control_socket.get_port())
|
|
elif isinstance(control_socket, stem.socket.ControlSocketFile):
|
|
pid = stem.util.system.get_pid_by_open_file(control_socket.get_socket_path())
|
|
|
|
if pid:
|
|
self._set_cache({"pid": pid})
|
|
return pid
|
|
elif default == UNDEFINED:
|
|
if self.get_socket().is_localhost():
|
|
raise ValueError("Unable to resolve tor's pid")
|
|
else:
|
|
raise ValueError("Tor isn't running locally")
|
|
else:
|
|
return default
|
|
|
|
def get_microdescriptor(self, relay, default = UNDEFINED):
|
|
"""
|
|
Provides the microdescriptor for the relay with the given fingerprint or
|
|
nickname. If the relay identifier could be either a fingerprint *or*
|
|
nickname then it's queried as a fingerprint.
|
|
|
|
:param str relay: fingerprint or nickname of the relay to be queried
|
|
:param object default: response if the query fails
|
|
|
|
:returns: :class:`~stem.descriptor.microdescriptor.Microdescriptor` for the given relay
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if unable to query the descriptor
|
|
* **ValueError** if **relay** doesn't conform with the pattern for being
|
|
a fingerprint or nickname
|
|
|
|
An exception is only raised if we weren't provided a default response.
|
|
"""
|
|
|
|
try:
|
|
if stem.util.tor_tools.is_valid_fingerprint(relay):
|
|
query = "md/id/%s" % relay
|
|
elif stem.util.tor_tools.is_valid_nickname(relay):
|
|
query = "md/name/%s" % relay
|
|
else:
|
|
raise ValueError("'%s' isn't a valid fingerprint or nickname" % relay)
|
|
|
|
desc_content = self.get_info(query, get_bytes = True)
|
|
return stem.descriptor.microdescriptor.Microdescriptor(desc_content)
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_microdescriptors(self, default = UNDEFINED):
|
|
"""
|
|
Provides an iterator for all of the microdescriptors that tor presently
|
|
knows about.
|
|
|
|
**Tor does not expose this information via the control protocol**
|
|
(:trac:`8323`). Until it does this reads the microdescriptors from disk,
|
|
and hence won't work remotely or if we lack read permissions.
|
|
|
|
:param list default: items to provide if the query fails
|
|
|
|
:returns: iterates over
|
|
:class:`~stem.descriptor.microdescriptor.Microdescriptor` for relays in
|
|
the tor network
|
|
|
|
:raises: :class:`stem.ControllerError` if unable to query tor and no
|
|
default was provided
|
|
"""
|
|
|
|
try:
|
|
try:
|
|
data_directory = self.get_conf("DataDirectory")
|
|
except stem.ControllerError as exc:
|
|
raise stem.OperationFailed(message = "Unable to determine the data directory (%s)" % exc)
|
|
|
|
cached_descriptor_path = os.path.join(data_directory, "cached-microdescs")
|
|
|
|
if not os.path.exists(data_directory):
|
|
raise stem.OperationFailed(message = "Data directory reported by tor doesn't exist (%s)" % data_directory)
|
|
elif not os.path.exists(cached_descriptor_path):
|
|
raise stem.OperationFailed(message = "Data directory doens't contain cached microescriptors (%s)" % cached_descriptor_path)
|
|
|
|
with stem.descriptor.reader.DescriptorReader([cached_descriptor_path]) as reader:
|
|
for desc in reader:
|
|
# It shouldn't be possible for these to be something other than
|
|
# microdescriptors but as the saying goes: trust but verify.
|
|
|
|
if not isinstance(desc, stem.descriptor.microdescriptor.Microdescriptor):
|
|
raise stem.OperationFailed(message = "BUG: Descriptor reader provided non-microdescriptor content (%s)" % type(desc))
|
|
|
|
yield desc
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
if default is not None:
|
|
for entry in default:
|
|
yield entry
|
|
|
|
def get_server_descriptor(self, relay, default = UNDEFINED):
|
|
"""
|
|
Provides the server descriptor for the relay with the given fingerprint or
|
|
nickname. If the relay identifier could be either a fingerprint *or*
|
|
nickname then it's queried as a fingerprint.
|
|
|
|
**As of Tor version 0.2.3.25 relays no longer get server descriptors by
|
|
default.** It's advised that you use microdescriptors instead, but if you
|
|
really need server descriptors then you can get them by setting
|
|
'UseMicrodescriptors 0'.
|
|
|
|
:param str relay: fingerprint or nickname of the relay to be queried
|
|
:param object default: response if the query fails
|
|
|
|
:returns: :class:`~stem.descriptor.server_descriptor.RelayDescriptor` for the given relay
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if unable to query the descriptor
|
|
* **ValueError** if **relay** doesn't conform with the pattern for being
|
|
a fingerprint or nickname
|
|
|
|
An exception is only raised if we weren't provided a default response.
|
|
"""
|
|
|
|
try:
|
|
if stem.util.tor_tools.is_valid_fingerprint(relay):
|
|
query = "desc/id/%s" % relay
|
|
elif stem.util.tor_tools.is_valid_nickname(relay):
|
|
query = "desc/name/%s" % relay
|
|
else:
|
|
raise ValueError("'%s' isn't a valid fingerprint or nickname" % relay)
|
|
|
|
desc_content = self.get_info(query, get_bytes = True)
|
|
return stem.descriptor.server_descriptor.RelayDescriptor(desc_content)
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
if not self._is_server_descriptors_available():
|
|
raise ValueError(SERVER_DESCRIPTORS_UNSUPPORTED)
|
|
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_server_descriptors(self, default = UNDEFINED):
|
|
"""
|
|
Provides an iterator for all of the server descriptors that tor presently
|
|
knows about.
|
|
|
|
**As of Tor version 0.2.3.25 relays no longer get server descriptors by
|
|
default.** It's advised that you use microdescriptors instead, but if you
|
|
really need server descriptors then you can get them by setting
|
|
'UseMicrodescriptors 0'.
|
|
|
|
:param list default: items to provide if the query fails
|
|
|
|
:returns: iterates over
|
|
:class:`~stem.descriptor.server_descriptor.RelayDescriptor` for relays in
|
|
the tor network
|
|
|
|
:raises: :class:`stem.ControllerError` if unable to query tor and no
|
|
default was provided
|
|
"""
|
|
|
|
try:
|
|
# TODO: We should iterate over the descriptors as they're read from the
|
|
# socket rather than reading the whole thing into memory.
|
|
#
|
|
# https://trac.torproject.org/8248
|
|
|
|
desc_content = self.get_info("desc/all-recent", get_bytes = True)
|
|
|
|
if not desc_content and not self._is_server_descriptors_available():
|
|
raise ValueError(SERVER_DESCRIPTORS_UNSUPPORTED)
|
|
|
|
for desc in stem.descriptor.server_descriptor._parse_file(io.BytesIO(desc_content)):
|
|
yield desc
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
if default is not None:
|
|
for entry in default:
|
|
yield entry
|
|
|
|
def _is_server_descriptors_available(self):
|
|
"""
|
|
Checks to see if tor server descriptors should be available or not.
|
|
"""
|
|
|
|
return self.get_version() < stem.version.Requirement.MICRODESCRIPTOR_IS_DEFAULT or \
|
|
self.get_conf('UseMicrodescriptors', None) == '0'
|
|
|
|
def get_network_status(self, relay, default = UNDEFINED):
|
|
"""
|
|
Provides the router status entry for the relay with the given fingerprint
|
|
or nickname. If the relay identifier could be either a fingerprint *or*
|
|
nickname then it's queried as a fingerprint.
|
|
|
|
:param str relay: fingerprint or nickname of the relay to be queried
|
|
:param object default: response if the query fails
|
|
|
|
:returns: :class:`~stem.descriptor.router_status_entry.RouterStatusEntryV3`
|
|
for the given relay
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if unable to query the descriptor
|
|
* **ValueError** if **relay** doesn't conform with the pattern for being
|
|
a fingerprint or nickname
|
|
|
|
An exception is only raised if we weren't provided a default response.
|
|
"""
|
|
|
|
# TODO: It would be great to add support for v3 router status entries. This
|
|
# is pending...
|
|
#
|
|
# https://trac.torproject.org/7953
|
|
|
|
try:
|
|
if stem.util.tor_tools.is_valid_fingerprint(relay):
|
|
query = "ns/id/%s" % relay
|
|
elif stem.util.tor_tools.is_valid_nickname(relay):
|
|
query = "ns/name/%s" % relay
|
|
else:
|
|
raise ValueError("'%s' isn't a valid fingerprint or nickname" % relay)
|
|
|
|
desc_content = self.get_info(query, get_bytes = True)
|
|
return stem.descriptor.router_status_entry.RouterStatusEntryV3(desc_content)
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_network_statuses(self, default = UNDEFINED):
|
|
"""
|
|
Provides an iterator for all of the router status entries that tor
|
|
presently knows about.
|
|
|
|
:param list default: items to provide if the query fails
|
|
|
|
:returns: iterates over
|
|
:class:`~stem.descriptor.router_status_entry.RouterStatusEntryV3` for
|
|
relays in the tor network
|
|
|
|
:raises: :class:`stem.ControllerError` if unable to query tor and no
|
|
default was provided
|
|
"""
|
|
|
|
try:
|
|
# TODO: We should iterate over the descriptors as they're read from the
|
|
# socket rather than reading the whole thing into memory.
|
|
#
|
|
# https://trac.torproject.org/8248
|
|
|
|
desc_content = self.get_info("ns/all", get_bytes = True)
|
|
|
|
desc_iterator = stem.descriptor.router_status_entry._parse_file(
|
|
io.BytesIO(desc_content),
|
|
True,
|
|
entry_class = stem.descriptor.router_status_entry.RouterStatusEntryV3,
|
|
)
|
|
|
|
for desc in desc_iterator:
|
|
yield desc
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
if default is not None:
|
|
for entry in default:
|
|
yield entry
|
|
|
|
def get_conf(self, param, default = UNDEFINED, multiple = False):
|
|
"""
|
|
Queries the current value for a configuration option. Some configuration
|
|
options (like the ExitPolicy) can have multiple values. This provides a
|
|
**list** with all of the values if **multiple** is **True**. Otherwise this
|
|
will be a **str** with the first value.
|
|
|
|
If provided with a **default** then that is provided if the configuration
|
|
option was unset or the query fails (invalid configuration option, error
|
|
response, control port closed, initiated, etc).
|
|
|
|
If the configuration value is unset and no **default** was given then this
|
|
provides **None** if **multiple** was **False** and an empty list if it was
|
|
**True**.
|
|
|
|
:param str param: configuration option to be queried
|
|
:param object default: response if the option is unset or the query fails
|
|
:param bool multiple: if **True** then provides a list with all of the
|
|
present values (this is an empty list if the config option is unset)
|
|
|
|
:returns:
|
|
Response depends upon how we were called as follows...
|
|
|
|
* **str** with the configuration value if **multiple** was **False**,
|
|
**None** if it was unset
|
|
* **list** with the response strings if multiple was **True**
|
|
* default if one was provided and the configuration option was either
|
|
unset or our call failed
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails and we weren't
|
|
provided a default response
|
|
* :class:`stem.InvalidArguments` if the configuration option
|
|
requested was invalid
|
|
"""
|
|
|
|
# Config options are case insensitive and don't contain whitespace. Using
|
|
# strip so the following check will catch whitespace-only params.
|
|
|
|
param = param.lower().strip()
|
|
|
|
if not param:
|
|
return default if default != UNDEFINED else None
|
|
|
|
entries = self.get_conf_map(param, default, multiple)
|
|
return _case_insensitive_lookup(entries, param, default)
|
|
|
|
def get_conf_map(self, params, default = UNDEFINED, multiple = True):
|
|
"""
|
|
Similar to :func:`~stem.control.Controller.get_conf` but queries multiple
|
|
configuration options, providing back a mapping of those options to their
|
|
values.
|
|
|
|
There are three use cases for GETCONF:
|
|
|
|
1. a single value is provided (e.g. **ControlPort**)
|
|
2. multiple values are provided for the option (e.g. **ExitPolicy**)
|
|
3. a set of options that weren't necessarily requested are returned (for
|
|
instance querying **HiddenServiceOptions** gives **HiddenServiceDir**,
|
|
**HiddenServicePort**, etc)
|
|
|
|
The vast majority of the options fall into the first two categories, in
|
|
which case calling :func:`~stem.control.Controller.get_conf` is sufficient.
|
|
However, for batch queries or the special options that give a set of values
|
|
this provides back the full response. As of tor version 0.2.1.25
|
|
**HiddenServiceOptions** was the only option that falls into the third
|
|
category.
|
|
|
|
:param str,list params: configuration option(s) to be queried
|
|
:param object default: value for the mappings if the configuration option
|
|
is either undefined or the query fails
|
|
:param bool multiple: if **True** then the values provided are lists with
|
|
all of the present values
|
|
|
|
:returns:
|
|
**dict** of the 'config key => value' mappings. The value is a...
|
|
|
|
* **str** if **multiple** is **False**, **None** if the configuration
|
|
option is unset
|
|
* **list** if **multiple** is **True**
|
|
* the **default** if it was set and the value was either undefined or our
|
|
lookup failed
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails and we weren't provided
|
|
a default response
|
|
* :class:`stem.InvalidArguments` if the configuration option requested
|
|
was invalid
|
|
"""
|
|
|
|
start_time = time.time()
|
|
reply = {}
|
|
|
|
if isinstance(params, (bytes, unicode)):
|
|
params = [params]
|
|
|
|
# remove strings which contain only whitespace
|
|
params = filter(lambda entry: entry.strip(), params)
|
|
|
|
if params == []:
|
|
return {}
|
|
|
|
# translate context sensitive options
|
|
lookup_params = set([MAPPED_CONFIG_KEYS.get(entry, entry) for entry in params])
|
|
|
|
# check for cached results
|
|
|
|
from_cache = [param.lower() for param in lookup_params]
|
|
cached_results = self._get_cache_map(from_cache, "getconf")
|
|
|
|
for key in cached_results:
|
|
user_expected_key = _case_insensitive_lookup(lookup_params, key)
|
|
reply[user_expected_key] = cached_results[key]
|
|
lookup_params.remove(user_expected_key)
|
|
|
|
# if everything was cached then short circuit making the query
|
|
if not lookup_params:
|
|
log.trace("GETCONF %s (cache fetch)" % " ".join(reply.keys()))
|
|
return self._get_conf_dict_to_response(reply, default, multiple)
|
|
|
|
try:
|
|
response = self.msg("GETCONF %s" % ' '.join(lookup_params))
|
|
stem.response.convert("GETCONF", response)
|
|
reply.update(response.entries)
|
|
|
|
if self.is_caching_enabled():
|
|
to_cache = dict((k.lower(), v) for k, v in response.entries.items())
|
|
|
|
for key in UNCACHEABLE_GETCONF_PARAMS:
|
|
if key in to_cache:
|
|
del to_cache[key]
|
|
|
|
self._set_cache(to_cache, "getconf")
|
|
|
|
# Maps the entries back to the parameters that the user requested so the
|
|
# capitalization matches (ie, if they request "exitpolicy" then that
|
|
# should be the key rather than "ExitPolicy"). When the same
|
|
# configuration key is provided multiple times this determines the case
|
|
# based on the first and ignores the rest.
|
|
#
|
|
# This retains the tor provided camel casing of MAPPED_CONFIG_KEYS
|
|
# entries since the user didn't request those by their key, so we can't
|
|
# be sure what they wanted.
|
|
|
|
for key in reply:
|
|
if not key.lower() in MAPPED_CONFIG_KEYS.values():
|
|
user_expected_key = _case_insensitive_lookup(params, key, key)
|
|
|
|
if key != user_expected_key:
|
|
reply[user_expected_key] = reply[key]
|
|
del reply[key]
|
|
|
|
log.debug("GETCONF %s (runtime: %0.4f)" % (" ".join(lookup_params), time.time() - start_time))
|
|
return self._get_conf_dict_to_response(reply, default, multiple)
|
|
except stem.ControllerError as exc:
|
|
log.debug("GETCONF %s (failed: %s)" % (" ".join(lookup_params), exc))
|
|
|
|
if default != UNDEFINED:
|
|
return dict((param, default) for param in params)
|
|
else:
|
|
raise exc
|
|
|
|
def _get_conf_dict_to_response(self, config_dict, default, multiple):
|
|
"""
|
|
Translates a dictionary of 'config key => [value1, value2...]' into the
|
|
return value of :func:`~stem.control.Controller.get_conf_map`, taking into
|
|
account what the caller requested.
|
|
"""
|
|
|
|
return_dict = {}
|
|
|
|
for key, values in config_dict.items():
|
|
if values == []:
|
|
# config option was unset
|
|
if default != UNDEFINED:
|
|
return_dict[key] = default
|
|
else:
|
|
return_dict[key] = [] if multiple else None
|
|
else:
|
|
return_dict[key] = values if multiple else values[0]
|
|
|
|
return return_dict
|
|
|
|
def set_conf(self, param, value):
|
|
"""
|
|
Changes the value of a tor configuration option. Our value can be any of
|
|
the following...
|
|
|
|
* a string to set a single value
|
|
* a list of strings to set a series of values (for instance the ExitPolicy)
|
|
* None to either set the value to 0/NULL
|
|
|
|
:param str param: configuration option to be set
|
|
:param str,list value: value to set the parameter to
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails
|
|
* :class:`stem.InvalidArguments` if configuration options
|
|
requested was invalid
|
|
* :class:`stem.InvalidRequest` if the configuration setting is
|
|
impossible or if there's a syntax error in the configuration values
|
|
"""
|
|
|
|
self.set_options({param: value}, False)
|
|
|
|
def reset_conf(self, *params):
|
|
"""
|
|
Reverts one or more parameters to their default values.
|
|
|
|
:param str params: configuration option to be reset
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails
|
|
* :class:`stem.InvalidArguments` if configuration options requested was invalid
|
|
* :class:`stem.InvalidRequest` if the configuration setting is
|
|
impossible or if there's a syntax error in the configuration values
|
|
"""
|
|
|
|
self.set_options(dict([(entry, None) for entry in params]), True)
|
|
|
|
def set_options(self, params, reset = False):
|
|
"""
|
|
Changes multiple tor configuration options via either a SETCONF or
|
|
RESETCONF query. Both behave identically unless our value is None, in which
|
|
case SETCONF sets the value to 0 or NULL, and RESETCONF returns it to its
|
|
default value. This accepts str, list, or None values in a similar fashion
|
|
to :func:`~stem.control.Controller.set_conf`. For example...
|
|
|
|
::
|
|
|
|
my_controller.set_options({
|
|
"Nickname": "caerSidi",
|
|
"ExitPolicy": ["accept *:80", "accept *:443", "reject *:*"],
|
|
"ContactInfo": "caerSidi-exit@someplace.com",
|
|
"Log": None,
|
|
})
|
|
|
|
The params can optionally be a list of key/value tuples, though the only
|
|
reason this type of argument would be useful is for hidden service
|
|
configuration (those options are order dependent).
|
|
|
|
:param dict,list params: mapping of configuration options to the values
|
|
we're setting it to
|
|
:param bool reset: issues a RESETCONF, returning **None** values to their
|
|
defaults if **True**
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails
|
|
* :class:`stem.InvalidArguments` if configuration options
|
|
requested was invalid
|
|
* :class:`stem.InvalidRequest` if the configuration setting is
|
|
impossible or if there's a syntax error in the configuration values
|
|
"""
|
|
|
|
start_time = time.time()
|
|
|
|
# constructs the SETCONF or RESETCONF query
|
|
query_comp = ["RESETCONF" if reset else "SETCONF"]
|
|
|
|
if isinstance(params, dict):
|
|
params = params.items()
|
|
|
|
for param, value in params:
|
|
if isinstance(value, str):
|
|
query_comp.append("%s=\"%s\"" % (param, value.strip()))
|
|
elif value:
|
|
query_comp.extend(["%s=\"%s\"" % (param, val.strip()) for val in value])
|
|
else:
|
|
query_comp.append(param)
|
|
|
|
query = " ".join(query_comp)
|
|
response = self.msg(query)
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if response.is_ok():
|
|
log.debug("%s (runtime: %0.4f)" % (query, time.time() - start_time))
|
|
|
|
if self.is_caching_enabled():
|
|
to_cache = {}
|
|
|
|
for param, value in params:
|
|
param = param.lower()
|
|
|
|
if isinstance(value, (bytes, unicode)):
|
|
value = [value]
|
|
|
|
to_cache[param] = value
|
|
|
|
if param == "exitpolicy":
|
|
self._set_cache({"exitpolicy": None})
|
|
|
|
self._set_cache(to_cache, "getconf")
|
|
else:
|
|
log.debug("%s (failed, code: %s, message: %s)" % (query, response.code, response.message))
|
|
|
|
if response.code == "552":
|
|
if response.message.startswith("Unrecognized option: Unknown option '"):
|
|
key = response.message[37:response.message.find("\'", 37)]
|
|
raise stem.InvalidArguments(response.code, response.message, [key])
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
elif response.code in ("513", "553"):
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
else:
|
|
raise stem.ProtocolError("Returned unexpected status code: %s" % response.code)
|
|
|
|
def add_event_listener(self, listener, *events):
|
|
"""
|
|
Directs further tor controller events to a given function. The function is
|
|
expected to take a single argument, which is a
|
|
:class:`~stem.response.events.Event` subclass. For instance the following
|
|
would print the bytes sent and received by tor over five seconds...
|
|
|
|
::
|
|
|
|
import time
|
|
from stem.control import Controller, EventType
|
|
|
|
def print_bw(event):
|
|
print "sent: %i, received: %i" % (event.written, event.read)
|
|
|
|
with Controller.from_port(port = 9051) as controller:
|
|
controller.authenticate()
|
|
controller.add_event_listener(print_bw, EventType.BW)
|
|
time.sleep(5)
|
|
|
|
If a new control connection is initialized then this listener will be
|
|
reattached.
|
|
|
|
:param functor listener: function to be called when an event is received
|
|
:param stem.control.EventType events: event types to be listened for
|
|
|
|
:raises: :class:`stem.ProtocolError` if unable to set the events
|
|
"""
|
|
|
|
# first checking that tor supports these event types
|
|
with self._event_listeners_lock:
|
|
if self.is_authenticated():
|
|
for event_type in events:
|
|
event_version = stem.response.events.EVENT_TYPE_TO_CLASS[event_type]._VERSION_ADDED
|
|
|
|
if self.get_version() < event_version:
|
|
raise stem.InvalidRequest(552, "%s event requires Tor version %s or later" % (event_type, event_version))
|
|
|
|
for event_type in events:
|
|
self._event_listeners.setdefault(event_type, []).append(listener)
|
|
|
|
failed_events = self._attach_listeners()[1]
|
|
|
|
# restricted the failures to just things we requested
|
|
failed_events = set(failed_events).intersection(set(events))
|
|
|
|
if failed_events:
|
|
raise stem.ProtocolError("SETEVENTS rejected %s" % ", ".join(failed_events))
|
|
|
|
def remove_event_listener(self, listener):
|
|
"""
|
|
Stops a listener from being notified of further tor events.
|
|
|
|
:param stem.control.EventListener listener: listener to be removed
|
|
|
|
:raises: :class:`stem.ProtocolError` if unable to set the events
|
|
"""
|
|
|
|
with self._event_listeners_lock:
|
|
event_types_changed = False
|
|
|
|
for event_type, event_listeners in self._event_listeners.items():
|
|
if listener in event_listeners:
|
|
event_listeners.remove(listener)
|
|
|
|
if len(event_listeners) == 0:
|
|
event_types_changed = True
|
|
del self._event_listeners[event_type]
|
|
|
|
if event_types_changed:
|
|
response = self.msg("SETEVENTS %s" % " ".join(self._event_listeners.keys()))
|
|
|
|
if not response.is_ok():
|
|
raise stem.ProtocolError("SETEVENTS received unexpected response\n%s" % response)
|
|
|
|
def _get_cache(self, param, namespace = None):
|
|
"""
|
|
Queries our request cache for the given key.
|
|
|
|
:param str param: key to be queried
|
|
:param str namespace: namespace in which to check for the key
|
|
|
|
:returns: cached value corresponding to key or **None** if the key wasn't found
|
|
"""
|
|
|
|
return self._get_cache_map([param], namespace).get(param, None)
|
|
|
|
def _get_cache_map(self, params, namespace = None):
|
|
"""
|
|
Queries our request cache for multiple entries.
|
|
|
|
:param list params: keys to be queried
|
|
:param str namespace: namespace in which to check for the keys
|
|
|
|
:returns: **dict** of 'param => cached value' pairs of keys present in cache
|
|
"""
|
|
|
|
with self._cache_lock:
|
|
cached_values = {}
|
|
|
|
if self.is_caching_enabled():
|
|
for param in params:
|
|
if namespace:
|
|
cache_key = "%s.%s" % (namespace, param)
|
|
else:
|
|
cache_key = param
|
|
|
|
if cache_key in self._request_cache:
|
|
cached_values[param] = self._request_cache[cache_key]
|
|
|
|
return cached_values
|
|
|
|
def _set_cache(self, params, namespace = None):
|
|
"""
|
|
Sets the given request cache entries. If the new cache value is **None**
|
|
then it is removed from our cache.
|
|
|
|
:param dict params: **dict** of 'cache_key => value' pairs to be cached
|
|
:param str namespace: namespace for the keys
|
|
"""
|
|
|
|
with self._cache_lock:
|
|
if not self.is_caching_enabled():
|
|
return
|
|
|
|
for key, value in params.items():
|
|
if namespace:
|
|
cache_key = "%s.%s" % (namespace, key)
|
|
else:
|
|
cache_key = key
|
|
|
|
if value is None:
|
|
if cache_key in self._request_cache:
|
|
del self._request_cache[cache_key]
|
|
else:
|
|
self._request_cache[cache_key] = value
|
|
|
|
def is_caching_enabled(self):
|
|
"""
|
|
**True** if caching has been enabled, **False** otherwise.
|
|
|
|
:returns: bool to indicate if caching is enabled
|
|
"""
|
|
|
|
return self._is_caching_enabled
|
|
|
|
def set_caching(self, enabled):
|
|
"""
|
|
Enables or disables caching of information retrieved from tor.
|
|
|
|
:param bool enabled: **True** to enable caching, **False** to disable it
|
|
"""
|
|
|
|
self._is_caching_enabled = enabled
|
|
|
|
if not self._is_caching_enabled:
|
|
self.clear_cache()
|
|
|
|
def clear_cache(self):
|
|
"""
|
|
Drops any cached results.
|
|
"""
|
|
|
|
with self._cache_lock:
|
|
self._request_cache = {}
|
|
self._geoip_failure_count = 0
|
|
|
|
def load_conf(self, configtext):
|
|
"""
|
|
Sends the configuration text to Tor and loads it as if it has been read from
|
|
the torrc.
|
|
|
|
:param str configtext: the configuration text
|
|
|
|
:raises: :class:`stem.ControllerError` if the call fails
|
|
"""
|
|
|
|
response = self.msg("LOADCONF\n%s" % configtext)
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if response.code in ("552", "553"):
|
|
if response.code == "552" and response.message.startswith("Invalid config file: Failed to parse/validate config: Unknown option"):
|
|
raise stem.InvalidArguments(response.code, response.message, [response.message[70:response.message.find('.', 70) - 1]])
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
elif not response.is_ok():
|
|
raise stem.ProtocolError("+LOADCONF Received unexpected response\n%s" % str(response))
|
|
|
|
def save_conf(self):
|
|
"""
|
|
Saves the current configuration options into the active torrc file.
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails
|
|
* :class:`stem.OperationFailed` if the client is unable to save
|
|
the configuration file
|
|
"""
|
|
|
|
response = self.msg("SAVECONF")
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if response.is_ok():
|
|
return True
|
|
elif response.code == "551":
|
|
raise stem.OperationFailed(response.code, response.message)
|
|
else:
|
|
raise stem.ProtocolError("SAVECONF returned unexpected response code")
|
|
|
|
def is_feature_enabled(self, feature):
|
|
"""
|
|
Checks if a control connection feature is enabled. These features can be
|
|
enabled using :func:`~stem.control.Controller.enable_feature`.
|
|
|
|
:param str feature: feature to be checked
|
|
|
|
:returns: **True** if feature is enabled, **False** otherwise
|
|
"""
|
|
|
|
feature = feature.upper()
|
|
|
|
if feature in self._enabled_features:
|
|
return True
|
|
else:
|
|
# check if this feature is on by default
|
|
defaulted_version = None
|
|
|
|
if feature == "EXTENDED_EVENTS":
|
|
defaulted_version = stem.version.Requirement.FEATURE_EXTENDED_EVENTS
|
|
elif feature == "VERBOSE_NAMES":
|
|
defaulted_version = stem.version.Requirement.FEATURE_VERBOSE_NAMES
|
|
|
|
if defaulted_version:
|
|
our_version = self.get_version(None)
|
|
|
|
if our_version and our_version >= defaulted_version:
|
|
self._enabled_features.append(feature)
|
|
|
|
return feature in self._enabled_features
|
|
|
|
def enable_feature(self, features):
|
|
"""
|
|
Enables features that are disabled by default to maintain backward
|
|
compatibility. Once enabled, a feature cannot be disabled and a new
|
|
control connection must be opened to get a connection with the feature
|
|
disabled. Feature names are case-insensitive.
|
|
|
|
The following features are currently accepted:
|
|
|
|
* EXTENDED_EVENTS - Requests the extended event syntax
|
|
* VERBOSE_NAMES - Replaces ServerID with LongName in events and GETINFO results
|
|
|
|
:param str,list features: a single feature or a list of features to be enabled
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails
|
|
* :class:`stem.InvalidArguments` if features passed were invalid
|
|
"""
|
|
|
|
if isinstance(features, (bytes, unicode)):
|
|
features = [features]
|
|
|
|
response = self.msg("USEFEATURE %s" % " ".join(features))
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if not response.is_ok():
|
|
if response.code == "552":
|
|
invalid_feature = []
|
|
|
|
if response.message.startswith("Unrecognized feature \""):
|
|
invalid_feature = [response.message[22:response.message.find("\"", 22)]]
|
|
|
|
raise stem.InvalidArguments(response.code, response.message, invalid_feature)
|
|
|
|
raise stem.ProtocolError("USEFEATURE provided an invalid response code: %s" % response.code)
|
|
|
|
self._enabled_features += [entry.upper() for entry in features]
|
|
|
|
def get_circuit(self, circuit_id, default = UNDEFINED):
|
|
"""
|
|
Provides a circuit presently available from tor.
|
|
|
|
:param int circuit_id: circuit to be fetched
|
|
:param object default: response if the query fails
|
|
|
|
:returns: :class:`stem.response.events.CircuitEvent` for the given circuit
|
|
|
|
:raises:
|
|
* :class:`stem.ControllerError` if the call fails
|
|
* **ValueError** if the circuit doesn't exist
|
|
|
|
An exception is only raised if we weren't provided a default response.
|
|
"""
|
|
|
|
try:
|
|
for circ in self.get_circuits():
|
|
if circ.id == circuit_id:
|
|
return circ
|
|
|
|
raise ValueError("Tor presently does not have a circuit with the id of '%s'" % circuit_id)
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def get_circuits(self, default = UNDEFINED):
|
|
"""
|
|
Provides tor's currently available circuits.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: **list** of :class:`stem.response.events.CircuitEvent` for our circuits
|
|
|
|
:raises: :class:`stem.ControllerError` if the call fails and no default was provided
|
|
"""
|
|
|
|
try:
|
|
circuits = []
|
|
response = self.get_info("circuit-status")
|
|
|
|
for circ in response.splitlines():
|
|
circ_message = stem.socket.recv_message(StringIO.StringIO("650 CIRC " + circ + "\r\n"))
|
|
stem.response.convert("EVENT", circ_message, arrived_at = 0)
|
|
circuits.append(circ_message)
|
|
|
|
return circuits
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def new_circuit(self, path = None, purpose = "general", await_build = False):
|
|
"""
|
|
Requests a new circuit. If the path isn't provided, one is automatically
|
|
selected.
|
|
|
|
:param list,str path: one or more relays to make a circuit through
|
|
:param str purpose: "general" or "controller"
|
|
:param bool await_build: blocks until the circuit is built if **True**
|
|
|
|
:returns: str of the circuit id of the newly created circuit
|
|
|
|
:raises: :class:`stem.ControllerError` if the call fails
|
|
"""
|
|
|
|
return self.extend_circuit('0', path, purpose, await_build)
|
|
|
|
def extend_circuit(self, circuit_id = "0", path = None, purpose = "general", await_build = False):
|
|
"""
|
|
Either requests the creation of a new circuit or extends an existing one.
|
|
|
|
When called with a circuit value of zero (the default) a new circuit is
|
|
created, and when non-zero the circuit with that id is extended. If the
|
|
path isn't provided, one is automatically selected.
|
|
|
|
A python interpreter session used to create circuits could look like this...
|
|
|
|
::
|
|
|
|
>>> control.extend_circuit('0', ["718BCEA286B531757ACAFF93AE04910EA73DE617", "30BAB8EE7606CBD12F3CC269AE976E0153E7A58D", "2765D8A8C4BBA3F89585A9FFE0E8575615880BEB"])
|
|
19
|
|
>>> control.extend_circuit('0')
|
|
20
|
|
>>> print control.get_info('circuit-status')
|
|
20 EXTENDED $718BCEA286B531757ACAFF93AE04910EA73DE617=KsmoinOK,$649F2D0ACF418F7CFC6539AB2257EB2D5297BAFA=Eskimo BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2012-12-06T13:51:11.433755
|
|
19 BUILT $718BCEA286B531757ACAFF93AE04910EA73DE617=KsmoinOK,$30BAB8EE7606CBD12F3CC269AE976E0153E7A58D=Pascal1,$2765D8A8C4BBA3F89585A9FFE0E8575615880BEB=Anthracite PURPOSE=GENERAL TIME_CREATED=2012-12-06T13:50:56.969938
|
|
|
|
:param str circuit_id: id of a circuit to be extended
|
|
:param list,str path: one or more relays to make a circuit through, this is
|
|
required if the circuit id is non-zero
|
|
:param str purpose: "general" or "controller"
|
|
:param bool await_build: blocks until the circuit is built if **True**
|
|
|
|
:returns: str of the circuit id of the created or extended circuit
|
|
|
|
:raises:
|
|
* :class:`stem.InvalidRequest` if one of the parameters were invalid
|
|
* :class:`stem.CircuitExtensionFailed` if we were waiting for the circuit
|
|
to build but it failed
|
|
* :class:`stem.ControllerError` if the call fails
|
|
"""
|
|
|
|
# Attaches a temporary listener for CIRC events if we'll be waiting for it
|
|
# to build. This is icky, but we can't reliably do this via polling since
|
|
# we then can't get the failure if it can't be created.
|
|
|
|
circ_queue, circ_listener = None, None
|
|
|
|
if await_build:
|
|
circ_queue = Queue.Queue()
|
|
|
|
def circ_listener(event):
|
|
circ_queue.put(event)
|
|
|
|
self.add_event_listener(circ_listener, EventType.CIRC)
|
|
|
|
try:
|
|
# we might accidently get integer circuit ids
|
|
circuit_id = str(circuit_id)
|
|
|
|
if path is None and circuit_id == '0':
|
|
path_opt_version = stem.version.Requirement.EXTENDCIRCUIT_PATH_OPTIONAL
|
|
|
|
if not self.get_version() >= path_opt_version:
|
|
raise stem.InvalidRequest(512, "EXTENDCIRCUIT requires the path prior to version %s" % path_opt_version)
|
|
|
|
args = [circuit_id]
|
|
|
|
if isinstance(path, (bytes, unicode)):
|
|
path = [path]
|
|
|
|
if path:
|
|
args.append(",".join(path))
|
|
|
|
if purpose:
|
|
args.append("purpose=%s" % purpose)
|
|
|
|
response = self.msg("EXTENDCIRCUIT %s" % " ".join(args))
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if response.code in ('512', '552'):
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
elif not response.is_ok():
|
|
raise stem.ProtocolError("EXTENDCIRCUIT returned unexpected response code: %s" % response.code)
|
|
|
|
if not response.message.startswith("EXTENDED "):
|
|
raise stem.ProtocolError("EXTENDCIRCUIT response invalid:\n%s", response)
|
|
|
|
new_circuit = response.message.split(" ", 1)[1]
|
|
|
|
if await_build:
|
|
while True:
|
|
circ = circ_queue.get()
|
|
|
|
if circ.id == new_circuit:
|
|
if circ.status == CircStatus.BUILT:
|
|
break
|
|
elif circ.status == CircStatus.FAILED:
|
|
raise stem.CircuitExtensionFailed("Circuit failed to be created: %s" % circ.reason, circ)
|
|
elif circ.status == CircStatus.CLOSED:
|
|
raise stem.CircuitExtensionFailed("Circuit was closed prior to build", circ)
|
|
|
|
return new_circuit
|
|
finally:
|
|
if circ_listener:
|
|
self.remove_event_listener(circ_listener)
|
|
|
|
def repurpose_circuit(self, circuit_id, purpose):
|
|
"""
|
|
Changes a circuit's purpose. Currently, two purposes are recognized...
|
|
* general
|
|
* controller
|
|
|
|
:param str circuit_id: id of the circuit whose purpose is to be changed
|
|
:param str purpose: purpose (either "general" or "controller")
|
|
|
|
:raises: :class:`stem.InvalidArguments` if the circuit doesn't exist or if the purpose was invalid
|
|
"""
|
|
|
|
response = self.msg("SETCIRCUITPURPOSE %s purpose=%s" % (circuit_id, purpose))
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if not response.is_ok():
|
|
if response.code == "552":
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
else:
|
|
raise stem.ProtocolError("SETCIRCUITPURPOSE returned unexpected response code: %s" % response.code)
|
|
|
|
def close_circuit(self, circuit_id, flag = ''):
|
|
"""
|
|
Closes the specified circuit.
|
|
|
|
:param str circuit_id: id of the circuit to be closed
|
|
:param str flag: optional value to modify closing, the only flag available
|
|
is "IfUnused" which will not close the circuit unless it is unused
|
|
|
|
:raises: :class:`stem.InvalidArguments` if the circuit is unknown
|
|
:raises: :class:`stem.InvalidRequest` if not enough information is provided
|
|
"""
|
|
|
|
response = self.msg("CLOSECIRCUIT %s %s" % (circuit_id, flag))
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if not response.is_ok():
|
|
if response.code in ('512', '552'):
|
|
if response.message.startswith("Unknown circuit "):
|
|
raise stem.InvalidArguments(response.code, response.message, [circuit_id])
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
else:
|
|
raise stem.ProtocolError("CLOSECIRCUIT returned unexpected response code: %s" % response.code)
|
|
|
|
def get_streams(self, default = UNDEFINED):
|
|
"""
|
|
Provides the list of streams tor is currently handling.
|
|
|
|
:param object default: response if the query fails
|
|
|
|
:returns: list of :class:`stem.response.events.StreamEvent` objects
|
|
|
|
:raises: :class:`stem.ControllerError` if the call fails and no default was
|
|
provided
|
|
"""
|
|
|
|
try:
|
|
streams = []
|
|
response = self.get_info("stream-status")
|
|
|
|
for stream in response.splitlines():
|
|
message = stem.socket.recv_message(StringIO.StringIO("650 STREAM " + stream + "\r\n"))
|
|
stem.response.convert("EVENT", message, arrived_at = 0)
|
|
streams.append(message)
|
|
|
|
return streams
|
|
except Exception as exc:
|
|
if default == UNDEFINED:
|
|
raise exc
|
|
else:
|
|
return default
|
|
|
|
def attach_stream(self, stream_id, circuit_id, exiting_hop = None):
|
|
"""
|
|
Attaches a stream to a circuit.
|
|
|
|
Note: Tor attaches streams to circuits automatically unless the
|
|
__LeaveStreamsUnattached configuration variable is set to "1"
|
|
|
|
:param str stream_id: id of the stream that must be attached
|
|
:param str circuit_id: id of the circuit to which it must be attached
|
|
:param int exiting_hop: hop in the circuit where traffic should exit
|
|
|
|
:raises:
|
|
* :class:`stem.InvalidRequest` if the stream or circuit id were unrecognized
|
|
* :class:`stem.UnsatisfiableRequest` if the stream isn't in a state where it can be attached
|
|
* :class:`stem.OperationFailed` if the stream couldn't be attached for any other reason
|
|
"""
|
|
|
|
query = "ATTACHSTREAM %s %s" % (stream_id, circuit_id)
|
|
|
|
if exiting_hop:
|
|
query += " HOP=%s" % exiting_hop
|
|
|
|
response = self.msg(query)
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if not response.is_ok():
|
|
if response.code == '552':
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
elif response.code == '551':
|
|
raise stem.OperationFailed(response.code, response.message)
|
|
elif response.code == '555':
|
|
raise stem.UnsatisfiableRequest(response.code, response.message)
|
|
else:
|
|
raise stem.ProtocolError("ATTACHSTREAM returned unexpected response code: %s" % response.code)
|
|
|
|
def close_stream(self, stream_id, reason = stem.RelayEndReason.MISC, flag = ''):
|
|
"""
|
|
Closes the specified stream.
|
|
|
|
:param str stream_id: id of the stream to be closed
|
|
:param stem.RelayEndReason reason: reason the stream is closing
|
|
:param str flag: not currently used
|
|
|
|
:raises: :class:`stem.InvalidArguments` if the stream or reason are not recognized
|
|
:raises: :class:`stem.InvalidRequest` if the stream and/or reason are missing
|
|
"""
|
|
|
|
# there's a single value offset between RelayEndReason.index_of() and the
|
|
# value that tor expects since tor's value starts with the index of one
|
|
|
|
response = self.msg("CLOSESTREAM %s %s %s" % (stream_id, stem.RelayEndReason.index_of(reason) + 1, flag))
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if not response.is_ok():
|
|
if response.code in ('512', '552'):
|
|
if response.message.startswith("Unknown stream "):
|
|
raise stem.InvalidArguments(response.code, response.message, [stream_id])
|
|
elif response.message.startswith("Unrecognized reason "):
|
|
raise stem.InvalidArguments(response.code, response.message, [reason])
|
|
raise stem.InvalidRequest(response.code, response.message)
|
|
else:
|
|
raise stem.ProtocolError("CLOSESTREAM returned unexpected response code: %s" % response.code)
|
|
|
|
def signal(self, signal):
|
|
"""
|
|
Sends a signal to the Tor client.
|
|
|
|
:param stem.Signal signal: type of signal to be sent
|
|
|
|
:raises: :class:`stem.InvalidArguments` if signal provided wasn't recognized
|
|
"""
|
|
|
|
response = self.msg("SIGNAL %s" % signal)
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if not response.is_ok():
|
|
if response.code == "552":
|
|
raise stem.InvalidArguments(response.code, response.message, [signal])
|
|
|
|
raise stem.ProtocolError("SIGNAL response contained unrecognized status code: %s" % response.code)
|
|
|
|
def is_geoip_unavailable(self):
|
|
"""
|
|
Provides **True** if we've concluded hat our geoip database is unavailable,
|
|
**False** otherwise. This is determined by having our 'GETINFO
|
|
ip-to-country/\*' lookups fail so this will default to **False** if we
|
|
aren't making those queries.
|
|
|
|
Geoip failures will be untracked if caching is disabled.
|
|
|
|
:returns: **bool** to indicate if we've concluded our geoip database to be
|
|
unavailable or not
|
|
"""
|
|
|
|
return self._geoip_failure_count >= GEOIP_FAILURE_THRESHOLD
|
|
|
|
def map_address(self, mapping):
|
|
"""
|
|
Map addresses to replacement addresses. Tor replaces subseqent connections
|
|
to the original addresses with the replacement addresses.
|
|
|
|
If the original address is a null address, i.e., one of "0.0.0.0", "::0", or
|
|
"." Tor picks an original address itself and returns it in the reply. If the
|
|
original address is already mapped to a different address the mapping is
|
|
removed.
|
|
|
|
:param dict mapping: mapping of original addresses to replacement addresses
|
|
|
|
:raises:
|
|
* :class:`stem.InvalidRequest` if the addresses are malformed
|
|
* :class:`stem.OperationFailed` if Tor couldn't fulfill the request
|
|
|
|
:returns: **dict** with 'original -> replacement' address mappings
|
|
"""
|
|
|
|
mapaddress_arg = " ".join(["%s=%s" % (k, v) for (k, v) in mapping.items()])
|
|
response = self.msg("MAPADDRESS %s" % mapaddress_arg)
|
|
stem.response.convert("MAPADDRESS", response)
|
|
|
|
return response.entries
|
|
|
|
def _post_authentication(self):
|
|
super(Controller, self)._post_authentication()
|
|
|
|
# try to re-attach event listeners to the new instance
|
|
|
|
with self._event_listeners_lock:
|
|
try:
|
|
failed_events = self._attach_listeners()[1]
|
|
|
|
if failed_events:
|
|
# remove our listeners for these so we don't keep failing
|
|
for event_type in failed_events:
|
|
del self._event_listeners[event_type]
|
|
|
|
logging_id = "stem.controller.event_reattach-%s" % "-".join(failed_events)
|
|
log.log_once(logging_id, log.WARN, "We were unable to re-attach our event listeners to the new tor instance for: %s" % ", ".join(failed_events))
|
|
except stem.ProtocolError as exc:
|
|
log.warn("Unable to issue the SETEVENTS request to re-attach our listeners (%s)" % exc)
|
|
|
|
# issue TAKEOWNERSHIP if we're the owning process for this tor instance
|
|
|
|
owning_pid = self.get_conf("__OwningControllerProcess", None)
|
|
|
|
if owning_pid == str(os.getpid()) and self.get_socket().is_localhost():
|
|
response = self.msg("TAKEOWNERSHIP")
|
|
stem.response.convert("SINGLELINE", response)
|
|
|
|
if response.is_ok():
|
|
# Now that tor is tracking our ownership of the process via the control
|
|
# connection, we can stop having it check for us via our pid.
|
|
|
|
try:
|
|
self.reset_conf("__OwningControllerProcess")
|
|
except stem.ControllerError as exc:
|
|
log.warn("We were unable to reset tor's __OwningControllerProcess configuration. It will continue to periodically check if our pid exists. (%s)" % exc)
|
|
else:
|
|
log.warn("We were unable assert ownership of tor through TAKEOWNERSHIP, despite being configured to be the owning process through __OwningControllerProcess. (%s)" % response)
|
|
|
|
def _handle_event(self, event_message):
|
|
stem.response.convert("EVENT", event_message, arrived_at = time.time())
|
|
|
|
with self._event_listeners_lock:
|
|
for event_type, event_listeners in self._event_listeners.items():
|
|
if event_type == event_message.type:
|
|
for listener in event_listeners:
|
|
listener(event_message)
|
|
|
|
def _attach_listeners(self):
|
|
"""
|
|
Attempts to subscribe to the self._event_listeners events from tor. This is
|
|
a no-op if we're not presently authenticated.
|
|
|
|
:returns: tuple of the form (set_events, failed_events)
|
|
|
|
:raises: :class:`stem.ControllerError` if unable to make our request to tor
|
|
"""
|
|
|
|
set_events, failed_events = [], []
|
|
|
|
with self._event_listeners_lock:
|
|
if self.is_authenticated():
|
|
# try to set them all
|
|
response = self.msg("SETEVENTS %s" % " ".join(self._event_listeners.keys()))
|
|
|
|
if response.is_ok():
|
|
set_events = self._event_listeners.keys()
|
|
else:
|
|
# One of the following likely happened...
|
|
#
|
|
# * Our user attached listeners before having an authenticated
|
|
# connection, so we couldn't check if we met the version
|
|
# requirement.
|
|
#
|
|
# * User attached listeners to one tor instance, then connected us to
|
|
# an older tor instancce.
|
|
#
|
|
# * Some other controller hiccup (far less likely).
|
|
#
|
|
# See if we can set some subset of our events.
|
|
|
|
for event in self._event_listeners.keys():
|
|
response = self.msg("SETEVENTS %s" % " ".join(set_events + [event]))
|
|
|
|
if response.is_ok():
|
|
set_events.append(event)
|
|
else:
|
|
failed_events.append(event)
|
|
|
|
return (set_events, failed_events)
|
|
|
|
|
|
def _parse_circ_path(path):
|
|
"""
|
|
Parses a circuit path as a list of **(fingerprint, nickname)** tuples. Tor
|
|
circuit paths are defined as being of the form...
|
|
|
|
::
|
|
|
|
Path = LongName *("," LongName)
|
|
LongName = Fingerprint [ ( "=" / "~" ) Nickname ]
|
|
|
|
example:
|
|
$999A226EBED397F331B612FE1E4CFAE5C1F201BA=piyaz
|
|
|
|
... *unless* this is prior to tor version 0.2.2.1 with the VERBOSE_NAMES
|
|
feature turned off (or before version 0.1.2.2 where the feature was
|
|
introduced). In that case either the fingerprint or nickname in the tuple
|
|
will be **None**, depending on which is missing.
|
|
|
|
::
|
|
|
|
Path = ServerID *("," ServerID)
|
|
ServerID = Nickname / Fingerprint
|
|
|
|
example:
|
|
$E57A476CD4DFBD99B4EE52A100A58610AD6E80B9,hamburgerphone,PrivacyRepublic14
|
|
|
|
:param str path: circuit path to be parsed
|
|
|
|
:returns: list of **(fingerprint, nickname)** tuples, fingerprints do not have a proceeding '$'
|
|
|
|
:raises: :class:`stem.ProtocolError` if the path is malformed
|
|
"""
|
|
|
|
if path:
|
|
try:
|
|
return [_parse_circ_entry(entry) for entry in path.split(',')]
|
|
except stem.ProtocolError as exc:
|
|
# include the path with the exception
|
|
raise stem.ProtocolError("%s: %s" % (exc, path))
|
|
else:
|
|
return []
|
|
|
|
|
|
def _parse_circ_entry(entry):
|
|
"""
|
|
Parses a single relay's 'LongName' or 'ServerID'. See the
|
|
:func:`~_stem.control._parse_circ_path` function for more information.
|
|
|
|
:param str entry: relay information to be parsed
|
|
|
|
:returns: **(fingerprint, nickname)** tuple
|
|
|
|
:raises: :class:`stem.ProtocolError` if the entry is malformed
|
|
"""
|
|
|
|
if '=' in entry:
|
|
# common case
|
|
fingerprint, nickname = entry.split('=')
|
|
elif '~' in entry:
|
|
# this is allowed for by the spec, but I've never seen it used
|
|
fingerprint, nickname = entry.split('~')
|
|
elif entry[0] == '$':
|
|
# old style, fingerprint only
|
|
fingerprint, nickname = entry, None
|
|
else:
|
|
# old style, nickname only
|
|
fingerprint, nickname = None, entry
|
|
|
|
if fingerprint is not None:
|
|
if not stem.util.tor_tools.is_valid_fingerprint(fingerprint, True):
|
|
raise stem.ProtocolError("Fingerprint in the circuit path is malformed (%s)" % fingerprint)
|
|
|
|
fingerprint = fingerprint[1:] # strip off the leading '$'
|
|
|
|
if nickname is not None and not stem.util.tor_tools.is_valid_nickname(nickname):
|
|
raise stem.ProtocolError("Nickname in the circuit path is malformed (%s)" % nickname)
|
|
|
|
return (fingerprint, nickname)
|
|
|
|
|
|
def _case_insensitive_lookup(entries, key, default = UNDEFINED):
|
|
"""
|
|
Makes a case insensitive lookup within a list or dictionary, providing the
|
|
first matching entry that we come across.
|
|
|
|
:param list,dict entries: list or dictionary to be searched
|
|
:param str key: entry or key value to look up
|
|
:param object default: value to be returned if the key doesn't exist
|
|
|
|
:returns: case insensitive match or default if one was provided and key wasn't found
|
|
|
|
:raises: **ValueError** if no such value exists
|
|
"""
|
|
|
|
if entries is not None:
|
|
if isinstance(entries, dict):
|
|
for k, v in entries.items():
|
|
if k.lower() == key.lower():
|
|
return v
|
|
else:
|
|
for entry in entries:
|
|
if entry.lower() == key.lower():
|
|
return entry
|
|
|
|
if default != UNDEFINED:
|
|
return default
|
|
else:
|
|
raise ValueError("key '%s' doesn't exist in dict: %s" % (key, entries))
|