-rwxr-xr-x | tor-exit-ssl-check | 70 | ||||
-rwxr-xr-x | tor-exit-ssl-check-many | 53 |
2 files changed, 87 insertions, 36 deletions
diff --git a/tor-exit-ssl-check b/tor-exit-ssl-check
index 0c69dc3..0d7e6a9 100755
--- a/tor-exit-ssl-check
+++ b/tor-exit-ssl-check
@@ -27,14 +27,17 @@ set -u
 shopt -s extglob
 usage() {
- echo "Usage: $0 [-v [-v]] [-d <datadir>] -c [<cert-cachedir>] <torserver-fpr> <targethost>[:<targetport>] [<targethost>[:<targetport>] [...]]"
- echo " If torserver-fpr is -, a list of fingerprints is read from stdin"
+ echo "Usage: $0 [-v [-v]] [-d <datadir>] -c [<cert-cachedir>] -C [<control socket>] <torserver-fpr> <targethost>[:<targetport>] [<targethost>[:<targetport>] [...]]"
+ echo " o If torserver-fpr is -, a list of fingerprints is read from stdin"
+ echo " o with -C set, this script will not launch a tor. instead it will use the"
+ echo " specified control socket to manipulate an already running Tor as needed."
 }
 verbose=0
 cachedir=""
 datadir=""
-while getopts "vhc:d:" OPTION
+controlsocket=""
+while getopts "vhc:d:C:" OPTION
 do
 case "$OPTION" in
 v)
@@ -50,6 +53,9 @@ do
 d)
 datadir="$OPTARG"
 ;;
+ C)
+ controlsocket="$OPTARG"
+ ;;
 *)
 usage >&2
 exit 1
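Review bot: The new synopsis in usage() prints `-c [<cert-cachedir>] -C [<control socket>]`, which reads as a mandatory flag with an optional argument, while the getopts string `vhc:d:C:` makes both flags optional and their arguments mandatory. Writing them as `[-c <cert-cachedir>] [-C <control socket>]` would match the parser. The help text could also mention that `-d` appears to have no effect together with `-C`, since the only uses of `$datadir` visible in this commit sit inside the branch that launches tor.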
@@ -85,44 +91,48 @@ cleanup() {
 tmpdir=$(mktemp -d "/tmp/cert-check-XXXXXX")
 trap 'cleanup' EXIT
-pidfile="$tmpdir/pid"
-torlog="$tmpdir/log"
-if [ "$verbose" -gt 0 ]; then
- tail -F "$torlog" &
- logpid=$!
-fi
+if [ -z "$controlsocket" ]; then
-if command -v tor > /dev/null; then
- tor="tor"
-elif [ -x /usr/sbin/tor ]; then
- tor="/usr/sbin/tor"
-else
- echo >&2 "Cannot find tor executable"
- exit 1
-fi
+ pidfile="$tmpdir/pid"
+ torlog="$tmpdir/log"
+ if [ "$verbose" -gt 0 ]; then
+ tail -F "$torlog" &
+ logpid=$!
+ fi
-if [ "$verbose" -gt 1 ]; then
- loglevel="info"
-else
- loglevel="notice"
-fi
+ if command -v tor > /dev/null; then
+ tor="tor"
+ elif [ -x /usr/sbin/tor ]; then
+ tor="/usr/sbin/tor"
+ else
+ echo >&2 "Cannot find tor executable"
+ exit 1
+ fi
-datadir=${datadir:-$tmpdir/tor}
-cat > "$tmpdir/torrc" << EOF
+ if [ "$verbose" -gt 1 ]; then
+ loglevel="info"
+ else
+ loglevel="notice"
+ fi
+
+ datadir=${datadir:-$tmpdir/tor}
+ controlsocket="$tmpdir/sock"
+ cat > "$tmpdir/torrc" << EOF
 DataDirectory $datadir
 RunAsDaemon 1
 SocksPort auto
 PidFile $pidfile
 Log $loglevel file $torlog
 SafeLogging 0
-ControlSocket $tmpdir/sock
+ControlSocket $controlsocket
 StrictNodes 1
 EOF
-mkdir -p -m 0700 "$datadir"
-if [ "$verbose" -gt 0 ]; then hush=""; else hush="--hush"; fi
-"$tor" $hush -f "$tmpdir/torrc"
-torpid="$(cat $pidfile)"
+ mkdir -p -m 0700 "$datadir"
+ if [ "$verbose" -gt 0 ]; then hush=""; else hush="--hush"; fi
+ "$tor" $hush -f "$tmpdir/torrc"
+ torpid="$(cat $pidfile)"
+fi
 eatdata() {
@@ -163,7 +173,7 @@ for ((i=0; i < ${#targets[@]}; i++)); do
 done
-coproc socat UNIX-CONNECT:"$tmpdir/sock" -
+coproc socat UNIX-CONNECT:"$controlsocket" -
 echo 'AUTHENTICATE' >&${COPROC[1]}
 expect_ok
diff --git a/tor-exit-ssl-check-many b/tor-exit-ssl-check-many
index 9f5a1e7..69dac4a 100755
--- a/tor-exit-ssl-check-many
+++ b/tor-exit-ssl-check-many
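Review bot: `torpid` is now assigned only inside the `if [ -z "$controlsocket" ]` branch, while the script runs under `set -u`. cleanup() is defined above this hunk and its body is not visible here; if it expands `$torpid` without a default, a `-C` run would abort inside the EXIT trap and leave the temporary directory behind. Initialising `torpid=""` before the `if` and guarding the kill as `[ -z "$torpid" ] || kill "$torpid"` keeps the trap safe and makes it explicit that an externally managed tor is never signalled. The re-indented `torpid="$(cat $pidfile)"` would also be better quoted as `torpid="$(cat "$pidfile")"`.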
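Review bot: The caller-supplied `$controlsocket` reaches `socat UNIX-CONNECT:"$controlsocket" -` without validation, and socat treats everything after a comma in an address as address options, so the value is not guaranteed to be interpreted as a plain path. A guard before the coproc line, such as `[ -S "$controlsocket" ] || { echo >&2 "Not a socket: $controlsocket"; exit 1; }` plus rejecting values that contain a comma, gives a clear error instead of a failure later in the control-port dialogue. The bare `AUTHENTICATE` that follows can only succeed when the target tor has neither cookie nor password authentication configured; that holds for the torrc this script writes but is not guaranteed for an already running tor, so the usage text should state the requirement.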
@@ -34,16 +34,26 @@ usage() {
 echo " -h print this help"
 }
+
+TORPID=""
+CHECKDIR=""
+
+cleanup() {
+ [ -z "$TORPID" ] || kill "$TORPID" || true
+ [ -z "$CHECKDIR" ] || rm -rf "$CHECKDIR" || true
+}
+
+
+
 AUTH=tor.noreply.org
 PER_RUN=60
-DATADIR=$(mktemp -d "/tmp/tor-checks-XXXXXX")
-DUMPFILE=$(tempfile)
 DEFAULT_CHECKHOSTS="www.torproject.org"
 LOGDIR="tor-exit-ssl-check-many.log"
 CACHEDIR="tor-exit-ssl-check-many.cache"
 MAIL=0
-
-trap "rm -rf '$DATADIR' '$DUMPFILE'" EXIT
+CHECKDIR=$(mktemp -d "/tmp/cert-check-many-XXXXXX")
+DUMPFILE="$CHECKDIR/dump"
+trap 'cleanup' EXIT
 mkdir -vp "$LOGDIR"
 mkdir -vp "$CACHEDIR"
@@ -100,7 +110,7 @@ run_some_checks() {
 head -n "$PER_RUN" | \
 while read fpr; do
 [ "$VERBOSE" = 0 ] || echo -n "Checking $host at $fpr..."
- if tor-exit-ssl-check -c "$CACHEDIR" -d "$DATADIR" "$fpr" $host > "$DUMPFILE" 2>&1; then
+ if tor-exit-ssl-check -c "$CACHEDIR" -C "$CONTROLSOCKET" "$fpr" $host > "$DUMPFILE" 2>&1; then
 ecode=0
 else
 ecode="$?"
@@ -132,7 +142,38 @@ run_some_checks() {
 done
 }
+
+start_tor() {
+ local pidfile="$CHECKDIR/pid"
+
+ if command -v tor > /dev/null; then
+ tor="tor"
+ elif [ -x /usr/sbin/tor ]; then
+ tor="/usr/sbin/tor"
+ else
+ echo >&2 "Cannot find tor executable"
+ exit 1
+ fi
+
+ local datadir="$CHECKDIR/tor"
+ CONTROLSOCKET="$CHECKDIR/sock"
+ cat > "$CHECKDIR/torrc" << EOF
+DataDirectory $datadir
+RunAsDaemon 1
+SocksPort auto
+PidFile $pidfile
+SafeLogging 0
+ControlSocket $CONTROLSOCKET
+StrictNodes 1
+EOF
+
+ mkdir -p -m 0700 "$datadir"
+ "$tor" --hush -f "$CHECKDIR/torrc"
+ TORPID="$(cat $pidfile)"
+}
+
+start_tor
 while : ; do
 run_some_checks
- sleep 15
+ sleep 60
 done
|
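Review bot: The result of `CHECKDIR=$(mktemp -d "/tmp/cert-check-many-XXXXXX")` is not checked, yet `$CHECKDIR/dump`, `$CHECKDIR/torrc`, `$CHECKDIR/pid` and `$CHECKDIR/sock` are all derived from it. If mktemp fails and the script is not running under `set -e` (not visible in this hunk), CHECKDIR stays empty and those paths resolve to the filesystem root. Appending `|| exit 1` to the assignment closes that. In cleanup(), the directory is removed right after the signal is sent, so tor may still be shutting down while its data directory is deleted; that looks harmless for a throwaway instance but is worth a comment.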
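Review bot: start_tor() does not verify that tor actually came up: the exit status of `"$tor" --hush -f "$CHECKDIR/torrc"` is ignored unless `set -e` is in effect (not shown), and `TORPID="$(cat $pidfile)"` is left empty if the pid file is missing. The `while :` loop would then keep calling tor-exit-ssl-check with a control socket that does not exist, and each run would presumably be reported as a failed check rather than as a local setup error. Suggested: `"$tor" --hush -f "$CHECKDIR/torrc" || exit 1` and `TORPID="$(cat "$pidfile")"`, plus `local tor` to match the other locals in the function. The tor lookup and torrc template are now duplicated from tor-exit-ssl-check and already differ (no `Log` line here), so a comment pointing at the other copy would help keep them in step.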