Switch xmpp to using email onion domain

1390ec7a · Bob Mottram · 0a8f8d8f · 1390ec7a · 1390ec7a · 1390ec7a
Commit 1390ec7a authored 6 years ago by Bob Mottram
--- a/src/freedombone-app-profanity
+++ b/src/freedombone-app-profanity
@@ -276,7 +276,7 @@ function install_profanity {
        mkdir -p "$XMPP_CLIENT_DIR"
    fi

-    XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
+    XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
    #MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$MY_USERNAME" "$MY_USERNAME@$DEFAULT_DOMAIN_NAME")

    if [[ $ONION_ONLY == 'no' ]]; then
@@ -304,7 +304,7 @@ function install_profanity {
        fi
    fi

-    if [ -f /var/lib/tor/hidden_service_xmpp/hostname ]; then
+    if [ -f /var/lib/tor/hidden_service_email/hostname ]; then
        echo "[${MY_USERNAME}@${XMPP_ONION_HOSTNAME}]" >> "$XMPP_CLIENT_ACCOUNTS"
        if [[ $ONION_ONLY == 'no' ]]; then
            echo 'enabled=false' >> "$XMPP_CLIENT_ACCOUNTS"

--- a/src/freedombone-app-xmpp
+++ b/src/freedombone-app-xmpp
@@ -127,7 +127,7 @@ function xmpp_update_e2e_policy {
    fi

    if [[ "$ONION_ONLY" != 'no' ]]; then
-        XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
+        XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
        sed -i "s|VirtualHost \".*.onion.*|VirtualHost \"${XMPP_ONION_HOSTNAME}\"|g" "$filename"
        # TLS is not strictly needed for onion transport security
        sed -i 's|c2s_require_encryption =.*|c2s_require_encryption = false|g' "$filename"
@@ -306,7 +306,7 @@ function remove_user_xmpp {

    "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp xmpp
    if [[ "$ONION_ONLY" != "no" ]]; then
-        DOMAIN=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
+        DOMAIN=$(cat /var/lib/tor/hidden_service_email/hostname)
    else
        DOMAIN=${HOSTNAME}
    fi
@@ -372,7 +372,7 @@ function add_user_xmpp {
    new_username="$1"
    new_user_password="$2"

-    XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
+    XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
    "${PROJECT_NAME}-pass" -u "$new_username" -a xmpp -p "$new_user_password"

    if [[ "$ONION_ONLY" != "no" ]]; then
@@ -773,9 +773,6 @@ function remove_xmpp {
    firewall_remove 5280 tcp
    firewall_remove 5281 tcp

-    function_check remove_onion_service
-    remove_onion_service xmpp 5222 5223 5269
-
    $PACKAGE_UNHOLD prosody
    $REMOVE_PACKAGES_PURGE prosody
    rm /etc/cron.daily/prosody
@@ -1163,6 +1160,23 @@ function install_xmpp_nightly {
    set_completion_param "prosody_filename" "${prosody_filename}"
 }

+function add_xmpp_onion_to_email {
+    if ! grep -q 'hidden_service_xmpp' "/etc/torrc.d/${PROJECT_NAME}"; then
+        return
+    fi
+
+    # remove xmpp hidden service
+    sed -i "/hidden_service_xmpp/,+1 d" "/etc/torrc.d/${PROJECT_NAME}"
+    sed -i '/5222/d' "/etc/torrc.d/${PROJECT_NAME}"
+    sed -i '/5269/d' "/etc/torrc.d/${PROJECT_NAME}"
+
+    # add xmpp ports to email
+    sed -i '/ 465 /a HiddenServicePort 5269 127.0.0.1:5269' "/etc/torrc.d/${PROJECT_NAME}"
+    sed -i '/ 465 /a HiddenServicePort 5222 127.0.0.1:5222' "/etc/torrc.d/${PROJECT_NAME}"
+
+    systemctl restart tor
+}
+
 function install_xmpp {
    if [ ! -d "$INSTALL_DIR" ]; then
        mkdir -p "$INSTALL_DIR"
@@ -1332,22 +1346,12 @@ function install_xmpp {
        echo $'No Tor installation found. xmpp onion site cannot be configured.'
        exit 877367
    fi
-    if ! grep -q "hidden_service_xmpp" "$ONION_SERVICES_FILE"; then
-        { echo 'HiddenServiceDir /var/lib/tor/hidden_service_xmpp/';
-          echo 'HiddenServiceVersion 3';
-          echo "HiddenServicePort 5222 127.0.0.1:5222";
-          echo "HiddenServicePort 5269 127.0.0.1:5269"; } >> "$ONION_SERVICES_FILE"
-        echo $'Added onion site for xmpp chat'
-    fi

-    onion_update
-    wait_for_onion_service 'xmpp'
-
-    if [ ! -f /var/lib/tor/hidden_service_xmpp/hostname ]; then
+    if [ ! -f /var/lib/tor/hidden_service_email/hostname ]; then
        echo $'xmpp onion site hostname not found'
        exit 65349
    fi
-    XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
+    XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
    if ! grep -q "${XMPP_ONION_HOSTNAME}" /etc/prosody/conf.avail/xmpp.cfg.lua; then
        { echo '';
          echo "VirtualHost \"${XMPP_ONION_HOSTNAME}\"";
@@ -1403,6 +1407,9 @@ function install_xmpp {
    fi

    $PACKAGE_HOLD prosody
+
+    add_xmpp_onion_to_email
+
    systemctl restart prosody

    configure_xmppsend

--- a/src/freedombone-base-email
+++ b/src/freedombone-base-email
@@ -224,12 +224,14 @@ function email_create_template {

 function create_email_onion_address {
    email_hostname='/var/lib/tor/hidden_service_email/hostname'
-    if ! grep -q "hidden_service_email" $ONION_SERVICES_FILE; then
+    if ! grep -q "hidden_service_email" "$ONION_SERVICES_FILE"; then
        { echo 'HiddenServiceDir /var/lib/tor/hidden_service_email/';
          echo 'HiddenServiceVersion 3';
          echo 'HiddenServicePort 25 127.0.0.1:25';
          echo 'HiddenServicePort 587 127.0.0.1:587';
-          echo 'HiddenServicePort 465 127.0.0.1:465'; } >> $ONION_SERVICES_FILE
+          echo 'HiddenServicePort 465 127.0.0.1:465';
+          echo "HiddenServicePort 5222 127.0.0.1:5222";
+          echo "HiddenServicePort 5269 127.0.0.1:5269"; } >> "$ONION_SERVICES_FILE"

        function_check onion_update
        onion_update
@@ -301,7 +303,7 @@ function configure_email_onion {
      echo "  route_data = \${perl{onionLookup}{$RISEUP_EMAIL_ONION}}"
      echo "  no_more"; } > /etc/exim4/conf.d/router/905_exim4-config-riseup

-    if ! grep -q "*.onion" /etc/exim4/conf.d/router/200_exim4-config_primary; then
+    if ! grep -q '\*.onion' /etc/exim4/conf.d/router/200_exim4-config_primary; then
       sed -i 's|domains = ! +local_domains|domains = ! +local_domains : ! *.onion : ! riseup.net|g' /etc/exim4/conf.d/router/200_exim4-config_primary
    fi


--- a/src/freedombone-upgrade
+++ b/src/freedombone-upgrade
@@ -138,6 +138,7 @@ if [ -d "$PROJECT_DIR" ]; then
        #rebuild_exim_with_socks
        install_dynamicdns
        torrc_migrate
+        add_xmpp_onion_to_email
        nodejs_upgrade
        $INSTALL_PACKAGES_BACKPORTS certbot
        email_install_tls