Browse Source

add USETOR option to report using tor. [#773663]

Contributed by by Federico Ceratto and Tim Retout.

This feature requires the packages 'tor' and 'torsocks' to be installed,
and the option USETOR to be set to yes or maybe
suites/unstable
Bill Allombert 4 years ago
parent
commit
7ac40f3d32
  1. 8
      FAQ
  2. 9
      debian/changelog
  3. 2
      debian/control
  4. 44
      debian/cron.daily
  5. 10
      default.conf

8
FAQ

@ -25,6 +25,14 @@ A) Yes, however if the package gnupg is installed and ENCRYPT is set to 'maybe'
public key cryptography, so the eavesdropper should not be able to decrypt
them. The default is 'maybe' with popularity-contest 1.60.
Encrypting popcon submissions still reveals that a particular host
is running Debian or a derivative; and the administrators of the
popcon server can associate submissions with a source IP address.
To prevent this, if USETOR is set to 'maybe' or 'yes', and if the
'tor' and 'torsocks' packages are installed, the submission will be
made over Tor. The default is 'maybe' with popularity-contest
1.65, so Tor will be used if available.
Q) What are the privacy considerations for popularity-contest ?
A) Each popularity-contest host is identified by a random 128bit uuid

9
debian/changelog

@ -1,3 +1,12 @@
popularity-contest (1.67) UNRELEASED; urgency=medium
* debian/cron.daily, FAQ: patch from Federico Ceratto and Tim Retout:
- add USETOR option to report using tor.
This feature requires the packages 'tor' and 'torsocks' to be installed.
Closes: #773663.
-- Bill Allombert <ballombe@debian.org> Sun, 20 May 2018 14:49:51 +0200
popularity-contest (1.66) unstable; urgency=medium
* popularity-contest: Ignore files under /usr/lib/mime/packages/

2
debian/control

@ -14,7 +14,7 @@ Architecture: all
Pre-Depends: debconf (>= 1.5.34) | cdebconf (>= 0.106)
Depends: ${misc:Depends}, ${perl:Depends}, dpkg (>= 1.10)
Recommends: gnupg, cron | cron-daemon, exim4 | mail-transport-agent
Suggests: anacron
Suggests: anacron, tor, torsocks
Provides: popcon
Description: Vote for your favourite packages automatically
The popularity-contest package sets up a cron job that will

44
debian/cron.daily

@ -14,8 +14,39 @@ unset MY_HOSTID
unset PARTICIPATE
unset SUBMITURLS
unset USEHTTP
unset USETOR
unset MTAOPS
TORIFY_PATH=/usr/bin/torify
torify_enabled() {
# Return 1 to enable torify for HTTP submission, otherwise 0; exit on error
TORSOCKS_PATH=/usr/bin/torsocks
[ -f "$TORIFY_PATH" ] && [ -f "$TORSOCKS_PATH" ] && TOR_AVAILABLE=1
case "$USETOR" in
"yes")
if [ -z $TOR_AVAILABLE ]; then
echo "popularity-contest: USETOR is set but torify is not available." 2>&1
echo "popularity-contest: Please install the tor and torsocks packages." 2>&1
exit 1
fi
if [ "yes" != "$USEHTTP" ]; then
echo "popularity-contest: when USETOR is set USEHTTP must be set as well" 2>&1
exit 1
fi
return 0
;;
"maybe")
[ "yes" = "$USEHTTP" ] && [ ! -z $TOR_AVAILABLE ] && return 0
return 1
;;
"no")
return 1
;;
esac
}
# get configuration information
. /usr/share/popularity-contest/default.conf
. /etc/popularity-contest.conf
@ -33,6 +64,14 @@ if [ -z "$MAILTO" ] && [ "yes" != "$USEHTTP" ]; then exit 0; fi
# don't run if PARTICIPATE is "no" or unset!
if [ "$PARTICIPATE" = "no" ] || [ -z "$PARTICIPATE" ]; then exit 0; fi
# enable torify
if torify_enabled; then
TORIFY=$TORIFY_PATH
else
TORIFY=''
fi
if [ -n "$HTTP_PROXY" ]; then
export http_proxy="$HTTP_PROXY";
fi
@ -107,7 +146,7 @@ SUBMITTED=no
# try to post the report through http POST
if [ "$SUBMITURLS" ] && [ "yes" = "$USEHTTP" ]; then
for URL in $SUBMITURLS ; do
if setsid /usr/share/popularity-contest/popcon-upload \
if setsid $TORIFY /usr/share/popularity-contest/popcon-upload \
-u $URL -f $POPCON 2>/dev/null ; then
SUBMITTED=yes
else
@ -117,8 +156,9 @@ if [ "$SUBMITURLS" ] && [ "yes" = "$USEHTTP" ]; then
fi
# try to email the popularity contest data
# skip emailing if USETOR is set
if [ "$MODE" = "--crond" ] && [ yes != "$SUBMITTED" ] && [ "$MAILTO" ]; then
if [ "$MODE" = "--crond" ] && [ yes != "$SUBMITTED" ] && [ yes != "$USETOR" ] && [ "$MAILTO" ]; then
if [ -x "`which sendmail 2>/dev/null`" ]; then
(
if [ -n "$MAILFROM" ]; then

10
default.conf

@ -51,6 +51,16 @@ SUBMITURLS="http://popcon.debian.org/cgi-bin/popcon.cgi"
# USEHTTP enables http reporting. Set this to 'yes' to enable it.
USEHTTP="yes"
# USETOR enables using Tor to perform http reporting.
# In order to use Tor also set USEHTTP to "yes" and ensure that the
# "tor" and "torsocks" packages are installed and the tor daemon
# is running. More information: https://www.torproject.org/
# Supported values:
# yes: use Tor; exit with error if not available.
# maybe: use Tor if available.
# no: do not use Tor.
USETOR="maybe"
# HTTP_PROXY allows to specify an HTTP proxy server, the syntax is
# HTTP_PROXY="http://proxy:port". This overrides the environment
# variable http_proxy.

Loading…
Cancel
Save