Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixes #4627 Adds v2 and v3 onion service variables #4648

Merged
merged 1 commit into from
Jul 30, 2019
Merged

Fixes #4627 Adds v2 and v3 onion service variables #4648

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions admin/securedrop_admin/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -409,11 +409,33 @@ def load_and_update_config(self):

def update_config(self):
self.config.update(self.user_prompt_config())
self.update_onion_version_config()
self.save()
self.validate_gpg_keys()
self.validate_journalist_alert_email()
return True

def update_onion_version_config(self):
"""
This method updates onion service related configurations.
"""
v2 = False
v3 = True
source_ths = os.path.join(self.args.ansible_path, "app-source-ths")
if os.path.exists(source_ths): # Means old installation
data = ""
with open(source_ths) as fobj:
data = fobj.read()

data = data.strip()
if len(data) < 56: # Old v2 onion address
v2 = True

# Now update the configuration
config = {"v2_onion_services": v2,
"v3_onion_services": v3}
self.config.update(config)

def user_prompt_config(self):
config = {}
for desc in self.desc:
Expand Down
6 changes: 6 additions & 0 deletions admin/tests/test_integration.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,8 @@
smtp_relay: smtp.gmail.com
smtp_relay_port: 587
ssh_users: sd
v2_onion_services: false
v3_onion_services: true
'''

JOURNALIST_ALERT_OUTPUT = '''app_hostname: app
Expand Down Expand Up @@ -74,6 +76,8 @@
smtp_relay: smtp.gmail.com
smtp_relay_port: 587
ssh_users: sd
v2_onion_services: false
v3_onion_services: true
'''

HTTPS_OUTPUT = '''app_hostname: app
Expand Down Expand Up @@ -104,6 +108,8 @@
smtp_relay: smtp.gmail.com
smtp_relay_port: 587
ssh_users: sd
v2_onion_services: false
v3_onion_services: true
'''


Expand Down
61 changes: 61 additions & 0 deletions admin/tests/test_securedrop-admin.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
#

import io
import os
import argparse
from flaky import flaky
from os.path import dirname, join, basename, exists
Expand Down Expand Up @@ -617,6 +618,66 @@ def test_save(self, tmpdir):
""")
assert expected == io.open(site_config_path).read()

def test_old_v2_onion_services(self, tmpdir):
"Checks for exitsing v2 source address"
site_config_path = join(str(tmpdir), 'site_config')
args = argparse.Namespace(site_config=site_config_path,
ansible_path='.',
app_path=dirname(__file__))
site_config = securedrop_admin.SiteConfig(args)
with open("app-source-ths", "w") as fobj:
fobj.write("aaaaaaaaaaaaaaaa.onion\n")
site_config.update_onion_version_config()
site_config.save()
data = ""
with open(site_config_path) as fobj:
data = fobj.read()
expected = textwrap.dedent("""\
v2_onion_services: true
v3_onion_services: true
""")
os.remove("app-source-ths")
assert expected == data

def test_no_v2_onion_services(self, tmpdir):
"Checks for new installation for only v3"
site_config_path = join(str(tmpdir), 'site_config')
args = argparse.Namespace(site_config=site_config_path,
ansible_path='.',
app_path=dirname(__file__))
site_config = securedrop_admin.SiteConfig(args)
site_config.update_onion_version_config()
site_config.save()
data = ""
with open(site_config_path) as fobj:
data = fobj.read()
expected = textwrap.dedent("""\
v2_onion_services: false
v3_onion_services: true
""")
assert expected == data

def test_only_v3_onion_services(self, tmpdir):
"Checks for new installation for only v3 ths file"
site_config_path = join(str(tmpdir), 'site_config')
args = argparse.Namespace(site_config=site_config_path,
ansible_path='.',
app_path=dirname(__file__))
site_config = securedrop_admin.SiteConfig(args)
with open("app-source-ths", "w") as fobj:
fobj.write("a" * 56 + ".onion\n")
site_config.update_onion_version_config()
site_config.save()
data = ""
with open(site_config_path) as fobj:
data = fobj.read()
expected = textwrap.dedent("""\
v2_onion_services: false
v3_onion_services: true
""")
os.remove("app-source-ths")
assert expected == data

def test_validate_gpg_key(self, caplog):
args = argparse.Namespace(site_config='INVALID',
ansible_path='tests/files',
Expand Down