onionr/src/netcontroller/torcontrol/gentorrc.py

import base64
import os
import subprocess

from .. import getopenport
from . import customtorrc
from . import addbridges
from . import torbinary
from utils import identifyhome
import config

add_bridges = addbridges.add_bridges


def generate_torrc(net_controller, api_server_ip):
    """
        Generate a torrc file for our tor instance
    """
    socks_port = net_controller.socksPort
    hs_ver = '# v2 onions'
    home_dir = identifyhome.identify_home()
    tor_config_location = home_dir + '/torrc'

    if config.get('tor.v3onions'):
        hs_ver = 'HiddenServiceVersion 3'

    """
    Set the Tor control password.
    Meant to make it harder to manipulate our Tor instance
    """
    plaintext = base64.b64encode(os.urandom(50)).decode()
    config.set('tor.controlpassword', plaintext, savefile=True)
    config.set('tor.socksport', socks_port, savefile=True)

    controlPort = getopenport.get_open_port()

    config.set('tor.controlPort', controlPort, savefile=True)

    hashedPassword = subprocess.Popen([torbinary.tor_binary(),
                                      '--hash-password',
                                       plaintext],
                                      stdout=subprocess.PIPE,
                                      stderr=subprocess.PIPE)
    for line in iter(hashedPassword.stdout.readline, b''):
        password = line.decode()
        if 'warn' not in password:
            break

    torrc_data = """SocksPort """ + str(socks_port) + """ OnionTrafficOnly
DataDirectory """ + home_dir + """tordata/
CookieAuthentication 1
KeepalivePeriod 40
CircuitsAvailableTimeout 86400
ControlPort """ + str(controlPort) + """
HashedControlPassword """ + str(password) + """
    """
    if config.get('general.security_level', 1) == 0:
        torrc_data += """\nHiddenServiceDir """ + home_dir + """hs/
\n""" + hs_ver + """\n
HiddenServiceNumIntroductionPoints 6
HiddenServiceMaxStreams 100
HiddenServiceMaxStreamsCloseCircuit 1
HiddenServicePort 80 """ + api_server_ip + """:""" + str(socks_port)

    torrc_data = add_bridges(torrc_data)

    torrc_data += customtorrc.get_custom_torrc()

    torrc = open(tor_config_location, 'w')
    torrc.write(torrc_data)
    torrc.close()