
Store Tor config and keys in $username/$dir

Miraty 3 years ago
parent
commit
9fa902f768
6 changed files with 37 additions and 26 deletions
  1. 4 3
      config.ini
  2. 10 0
      fn/common.php
  3. 3 9
      fn/ht.php
  4. 10 1
      public/auth/register.php
  5. 7 7
      public/auth/unregister.php
  6. 3 6
      public/ht/add-http-onion.php

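--- a/config.ini
+++ b/config.ini
@@ -23,10 +23,10 @@ enabled = true
 ht_path = "/srv/ht"
 ; Nginx configuration directory
 nginx_config_path = "/etc/nginx/ht"
-; Tor configuration file
-tor_config_path = "/etc/tor/torrc"
+; Tor configuration directory
+tor_config_path = "/srv/niver/tor-config"
 ; Tor keys directory
-tor_keys_path = "/var/lib/tor/keys"
+tor_keys_path = "/srv/niver/tor-keys"
 tor_service = "tor"
 tor_user = "tor"
 
@@ -36,6 +36,7 @@ certbot_path = "/usr/bin/certbot"
 chgrp_path = "/usr/bin/chgrp"
 cat_path = "/usr/bin/cat"
 rm_path = "/usr/bin/rm"
+mkdir_path = "/usr/bin/mkdir"
 
 sftpgo_group = sftpgo
 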
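Review bot: `tor_config_path` on line 33 now points at a directory of per-user fragments, but the comment on line 32 does not say how Tor is expected to read them; the comment should record the requirement, e.g. `; Tor configuration directory; the system torrc must pull in the per-user fragments below it (e.g. via %include)`. In this commit add-http-onion.php writes each fragment one level down, at `<tor_config_path>/<username>/<dir>`, so whatever include mechanism is used has to descend into subdirectories — worth verifying against the Tor version deployed. The new `mkdir_path` is used elsewhere in this commit without `--parents`, so `/srv/niver/tor-config` must pre-exist and be writable by the web server user and `/srv/niver/tor-keys` must pre-exist and be writable by `tor_user`; a one-line comment on each path would save an operator a failed registration.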

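--- a/fn/common.php
+++ b/fn/common.php
@@ -86,3 +86,13 @@ function redir() {
 		header('Location: ' . CONF['common']['prefix'] . '/');
 	}
 }
+
+// PHP rmdir() only works on empty directories
+function removeDirectory($dir) {
+	$dirObj = new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS);
+	$files = new RecursiveIteratorIterator($dirObj, RecursiveIteratorIterator::CHILD_FIRST);
+	foreach ($files as $file)
+		$file->isDir() && !$file->isLink() ? rmdir($file->getPathname()) : unlink($file->getPathname());
+	if (rmdir($dir) !== true)
+		serverError("Unable to remove directory.");
+}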
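Review bot: `removeDirectory()` guards against symlinked entries inside the tree (line 62) but not against `$dir` itself being a symlink: `RecursiveDirectoryIterator` opens the link target, so the function would empty the target directory and then fail on the final `rmdir()`. The callers in this commit build `$dir` from configured paths plus the session username, so this is defence in depth rather than a live hole, but the check is one line. The per-entry `rmdir()`/`unlink()` results on line 62 are also discarded, so a file that could not be removed only surfaces as the generic "Unable to remove directory." after a partial deletion; checking each result and adding `string`/`: void` types makes the failure point explicit.

```php
function removeDirectory(string $dir): void {
	// The iterator would follow a symlinked top-level path and empty its target
	if (is_link($dir))
		serverError("Refusing to remove a symlinked directory.");
	$dirObj = new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS);
	$files = new RecursiveIteratorIterator($dirObj, RecursiveIteratorIterator::CHILD_FIRST);
	foreach ($files as $file) {
		$removed = $file->isDir() && !$file->isLink() ? rmdir($file->getPathname()) : unlink($file->getPathname());
		if ($removed !== true)
			serverError("Unable to remove directory contents.");
	}
	if (rmdir($dir) !== true)
		serverError("Unable to remove directory.");
}
```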

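--- a/fn/ht.php
+++ b/fn/ht.php
@@ -50,14 +50,8 @@ function htDeleteSite($dir, $domainType, $protocol) {
 
 	if ($domainType === 'onion') {
 		// Delete Tor config
-		$torConf = file_get_contents(CONF['ht']['tor_config_path']);
-		if ($torConf === false)
-			serverError("Failed to read current Tor configuration.");
-		$torConf = str_replace('HiddenServiceDir ' . CONF['ht']['tor_keys_path'] . '/' . $dir . '/
-HiddenServicePort 80 [::1]:' . CONF['ht']['internal_onion_http_port'] . '
-', '', $torConf);
-		if (file_put_contents(CONF['ht']['tor_config_path'], $torConf) === false)
-			serverError("Failed to write new Tor configuration.");
+		if (unlink(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $dir) !== true)
+			serverError("Failed to delete Tor configuration.");
 
 		// Reload Tor
 		exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
@@ -65,7 +59,7 @@ HiddenServicePort 80 [::1]:' . CONF['ht']['internal_onion_http_port'] . '
 			serverError("Failed to reload Tor.");
 
 		// Delete Tor keys
-		exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $dir, $output, $code);
+		exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['rm_path'] . ' --recursive ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $dir, $output, $code);
 		if ($code !== 0)
 			serverError("Failed to delete Tor keys.");
 	}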
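Review bot: The rebuilt `rm --recursive` command on line 92 splices `$_SESSION['username']` and `$dir` into the shell string unescaped and runs it as `tor_user` through sudo, so any shell metacharacter that survives whatever validation those two values received upstream (not visible in this hunk) becomes a command executed as that user. Quote the path as a single argument: `' --recursive ' . escapeshellarg(CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $dir)`. The `unlink()` on line 82 is a sound replacement for the old string surgery on the shared torrc, but when the fragment is already gone it emits a PHP warning in addition to `serverError()`, so a guard such as `if (!is_file($fragment) || unlink($fragment) !== true)` keeps the log clean. `htDeleteSite()` begins before this hunk and its remaining body continues outside it.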

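--- a/public/auth/register.php
+++ b/public/auth/register.php
@@ -36,10 +36,19 @@ if (userExist($_POST['username']) !== false)
 umask(0002);
 if (mkdir(CONF['ht']['ht_path'] . "/" . $_POST['username'], 0775) !== true)
 	serverError("Can't create user directory.");
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", $stdout, $code);
+exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", result_code: $code);
 if ($code !== 0)
 	serverError("Can't change user directory group.");
 
+// Setup Tor config directory
+if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true)
+	serverError("Can't create Tor config directory.");
+
+// Setup Tor keys directory
+exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . CONF['ht']['tor_keys_path'] . "/" . $_POST['username'], result_code: $code);
+if ($code !== 0)
+	serverError("Can't create Tor keys directory.");
+
 $db = new PDO('sqlite:' . DB_PATH);
 
 $stmt = $db->prepare("INSERT INTO users(username, password, registration_date) VALUES(:username, :password, :registration_date)");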
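Review bot: If the Tor keys `mkdir` on line 114 (or the config `mkdir` on line 110) fails, the directories already created on lines 102 and 110 stay behind while the user row is never inserted, so the next attempt with the same username fails on line 102 with "Can't create user directory." and the name is effectively burnt. Remove what was created before calling `serverError()`; both directories are still empty at that point, so a plain `rmdir()` suffices. Whether `$_POST['username']` is restricted to a safe character set is decided above line 100 and not visible here; since it now reaches a second sudo shell command, `escapeshellarg()` on the path is cheap defence in depth.

```php
// Setup Tor config directory
if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true) {
	rmdir(CONF['ht']['ht_path'] . "/" . $_POST['username']);
	serverError("Can't create Tor config directory.");
}

// Setup Tor keys directory
exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . escapeshellarg(CONF['ht']['tor_keys_path'] . "/" . $_POST['username']), result_code: $code);
if ($code !== 0) {
	rmdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username']);
	rmdir(CONF['ht']['ht_path'] . "/" . $_POST['username']);
	serverError("Can't create Tor keys directory.");
}
// … unchanged: PDO insert …
```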

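--- a/public/auth/unregister.php
+++ b/public/auth/unregister.php
@@ -34,13 +34,13 @@ foreach (query('select', 'sites', [
 ], 'site_dir') as $dir)
 	htDeleteSite($dir, domainType: 'dns', protocol: 'http');
 
-// PHP rmdir() only works on empty directories
-$dirObj = new RecursiveDirectoryIterator(CONF['ht']['ht_path'] . "/" . $_SESSION['username'], RecursiveDirectoryIterator::SKIP_DOTS);
-$files = new RecursiveIteratorIterator($dirObj, RecursiveIteratorIterator::CHILD_FIRST);
-foreach ($files as $path)
-	$path->isDir() && !$path->isLink() ? rmdir($path->getPathname()) : unlink($path->getPathname());
-if (rmdir(CONF['ht']['ht_path'] . '/' . $_SESSION['username']) !== true)
-	serverError("Unable to delete user's hypertext directory.");
+exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code);
+if ($code !== 0)
+	serverError("Can't remove Tor keys directory.");
+
+removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']);
+
+removeDirectory(CONF['ht']['ht_path'] . '/' . $_SESSION['username']);
 
 query('delete', 'users', ['username' => $_SESSION['username']]);
 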
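Review bot: Accounts registered before this commit have no `<tor_keys_path>/<username>` or `<tor_config_path>/<username>` directory, so unless a migration outside this commit creates them, line 136 now blocks every such unregistration with "Can't remove Tor keys directory." (`rm` exits non-zero on a missing path), and `removeDirectory()` on line 140 would throw an uncaught `UnexpectedValueException` from `RecursiveDirectoryIterator` on a path it cannot open. Make both tolerant of the missing case: `" --recursive --force "` on line 136, and `if (is_dir($torConfDir = CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'])) removeDirectory($torConfDir);` on line 140. The ordering also deserves a comment: by the time lines 136–142 run the user's sites and keys are already gone, but the row on line 144 is only deleted if they all succeed, so a failure there leaves an account with a database row and no data; the reverse order (or at least a comment saying the filesystem cleanup is intentionally first) would make the recovery story explicit.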

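--- a/public/ht/add-http-onion.php
+++ b/public/ht/add-http-onion.php
@@ -34,13 +34,10 @@ if ($dirsStatuses[$_POST['dir']] !== false)
 	userError("Wrong value for <code>dir</code>.");
 
 // Add Tor config
-$torConf = file_get_contents(CONF['ht']['tor_config_path']);
-if ($torConf === false)
-	serverError("Failed to read current Tor configuration.");
-$torConf = $torConf . "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_POST['dir'] . "/
+$torConf = "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/
 HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
 ";
-if (file_put_contents(CONF['ht']['tor_config_path'], $torConf) === false)
+if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'], $torConf) === false)
 	serverError("Failed to write new Tor configuration.");
 
 // Reload Tor
@@ -49,7 +46,7 @@ if ($code !== 0)
 	serverError("Failed to reload Tor.");
 
 // Get the address generated by Tor
-exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['cat_path'] . " " . CONF['ht']['tor_keys_path'] . "/" . $_POST['dir'] . "/hostname", $output);
+exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname', $output);
 $onion = $output[0];
 if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
 	serverError("No onion address found.");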
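Review bot: The `cat` command on line 171 splices `$_POST['dir']` into a shell string that runs as `tor_user` with no `escapeshellarg()`; line 150 only requires `dir` to be a key of `$dirsStatuses`, and if those keys are the names of directories the user created over SFTP (inferred, not visible here), a directory name containing shell metacharacters passes that check and is executed as `tor_user`. Quote the whole path: `escapeshellarg(CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname')`. Line 172 reads `$output[0]` without checking that `cat` produced anything, so a failed sudo raises an "Undefined array key" warning before the "No onion address found." error; `$onion = $output[0] ?? '';` keeps that error path clean. Accounts created before this commit have no `<tor_config_path>/<username>` directory, so the write on line 162 fails for them with "Failed to write new Tor configuration." unless a migration creates it.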