From patchwork Thu Nov 30 07:56:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Erik Kapfer X-Patchwork-Id: 7366 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4SgpRr4Qz4z3wtp for ; Thu, 30 Nov 2023 07:56:40 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4SgpRp0Yd3zkM; Thu, 30 Nov 2023 07:56:38 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4SgpRn4wksz30RK; Thu, 30 Nov 2023 07:56:37 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4SgpRd5F9Nz30Cv for ; Thu, 30 Nov 2023 07:56:29 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4SgpRb69Yrz84; Thu, 30 Nov 2023 07:56:27 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1701330987; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=beUJf6OKQIiW6TSkWo0BW/dKhKb9LRpyMzViBf1Mx0s=; b=UgG1pgXnP1dIi94eEFsrNMhUN1Se4G6DR6hAlCWv8H87VYxOFs8cI3xoQ0a7dWdeoDUXtu 6PiD5mv7+ERqV8AA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1701330987; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=beUJf6OKQIiW6TSkWo0BW/dKhKb9LRpyMzViBf1Mx0s=; b=f2SmeAv7fcK9soiRSm0IkMrZ35iXhuzRoj+mKRHt/njyveTR7/RxgrITMEEgoV4njhztri NFI/DnSZDMm1ewSpcn7B0YNjTeBZwClveZSZAlAb4KPnJEcASC28sJV1ydt3ZlU6h/n/MG 3WgWsxETsAnivn+D4+JXKc/HEdzjWr4HyAg/UzihWaNfOEH9KjeI/J3pyeyaUxDei54KmN sYKZ5BWfu22+Iyb+px30FR/TDvZ8S/GijAZEjObWH7SgYIMb9F3N7HrY1BzTnpqVMZVpeV 950QiXJqHzA3HCSWXB8QlRNKVhVXdwtO0wwAV60djR5vLGyPKBr+PcghHwyB/w== From: Erik Kapfer To: development@lists.ipfire.org Subject: [PATCH 1/2] tor.cgi: Fixes deprecated tor option 'ExitNode' to 'ExitNodes' Date: Thu, 30 Nov 2023 08:56:04 +0100 Message-ID: <20231130075617.3961868-1-erik.kapfer@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: DKHKSCAA67FWJE4ZZR3BEHX5NBINZ3ZM X-Message-ID-Hash: DKHKSCAA67FWJE4ZZR3BEHX5NBINZ3ZM X-MailFrom: erik.kapfer@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: If fingerprints in the Exit Node section are in usage, tor.cgi prints the deprecated option 'ExitNode' into torrc which leads to the following warning "The abbreviation ‘ExitNode’ is deprecated. Please use ‘ExitNodes’ instead". Fix has been found and tested in the community for reference please see --> https://community.ipfire.org/t/the-abbreviation-exitnode-is-deprecated-please-use-exitnodes-instead/10582/10 Signed-off-by: Erik Kapfer --- html/cgi-bin/tor.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi index 75fdf0d5d..9aa2bc95a 100644 --- a/html/cgi-bin/tor.cgi +++ b/html/cgi-bin/tor.cgi @@ -790,7 +790,7 @@ sub BuildConfiguration() { my @nodes = split(",", $settings{'TOR_USE_EXIT_NODES'}); foreach (@nodes) { - print FILE "ExitNode $_\n"; + print FILE "ExitNodes $_\n"; } } From patchwork Thu Nov 30 07:56:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Erik Kapfer X-Patchwork-Id: 7367 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4SgpRv6gS0z3wtp for ; Thu, 30 Nov 2023 07:56:43 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4SgpRp3MHnz1P4; Thu, 30 Nov 2023 07:56:38 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4SgpRp0D6hz30RT; Thu, 30 Nov 2023 07:56:38 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4SgpRf3P5fz30Cv for ; Thu, 30 Nov 2023 07:56:30 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4SgpRf297Yz84; Thu, 30 Nov 2023 07:56:30 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1701330990; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=R6VAyEA9svwhcO6ARkpV20Vxr4k0PRzwbaVDk4YcI94=; b=/ZmNuAcAM+xN9ODZrK7Z5+ZkASEux3a62aAug/94WvvC1PyCP/tAgkWVb97bEZE7IsrCgL vBfjXzCO4grR/nBQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1701330990; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=R6VAyEA9svwhcO6ARkpV20Vxr4k0PRzwbaVDk4YcI94=; b=Tkw484MylYU8/aJnBLNX8oBUXnlBz8VLC2IWM1SsXjIDEHxFgej5XZmdk3/M0IiztaM55v rVAgypUjrpCN+x9wlLwk05fUv+kwPiWgoFEpz6SVAtZ4s297w2OSHmHImijZ8Fn1XNPcum tD8CxdXJrkLPsq17gwE3nMZnSg0TBkseA6QFfBGe0nHLVvamJPw1jW5O0qyeVjC3W/LSza zFQ3ezUcKd8t3WWkrW5cIhxmTzxeAtMNgAHCUxqXWe3K2+YEV8ekjHyH/Wt6Jd0xZouhUD Z/IX1cGS/09WcmC16GB2+VPMjanVBXI42qI3li74BAcicQu2PggqQxfp6QHL9Q== From: Erik Kapfer To: development@lists.ipfire.org Subject: [PATCH 2/2] update.sh: If 'ExitNode' is in usage, it will be changed to 'ExitNodes' Date: Thu, 30 Nov 2023 08:56:05 +0100 Message-ID: <20231130075617.3961868-2-erik.kapfer@ipfire.org> In-Reply-To: <20231130075617.3961868-1-erik.kapfer@ipfire.org> References: <20231130075617.3961868-1-erik.kapfer@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: JJO2UKPTG4TGNJ5RSUX4THQ2JS5PRBTQ X-Message-ID-Hash: JJO2UKPTG4TGNJ5RSUX4THQ2JS5PRBTQ X-MailFrom: erik.kapfer@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Signed-off-by: Erik Kapfer --- config/rootfiles/core/182/update.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/config/rootfiles/core/182/update.sh b/config/rootfiles/core/182/update.sh index 4416e73f4..cb7d853ec 100644 --- a/config/rootfiles/core/182/update.sh +++ b/config/rootfiles/core/182/update.sh @@ -91,6 +91,17 @@ if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then /etc/rc.d/init.d/ipsec start fi +# Change deprecated option in tor configuration file if in usage +if grep -q 'ExitNode ' /var/ipfire/tor/torrc; then + if pgrep tor >/dev/null; then + /usr/local/bin/torctrl stop >/dev/null + sed -i 's/ExitNode /ExitNodes /g' /var/ipfire/tor/torrc + /usr/local/bin/torctrl restart >/dev/null + fi +else + sed -i 's/ExitNode /ExitNodes /g' /var/ipfire/tor/torrc +fi + # Rebuild initial ramdisks dracut --regenerate-all --force KVER="xxxKVERxxx"