
Fix static analysis failures

Bob Mottram 7 年前
父节点
当前提交
9a6aee1de7
共有 1 个文件被更改,包括 52 次插入52 次删除
  1. 52
    52
      src/freedombone-utils-onion

+ 52
- 52
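--- a/src/freedombone-utils-onion
+++ b/src/freedombone-utils-onion
@@ -36,9 +36,9 @@
 
 function add_email_hostname {
     extra_email_hostname="$1"
-    email_hostnames=$(cat /etc/exim4/update-exim4.conf.conf | grep "dc_other_hostnames" | awk -F "'" '{print $2}')
+    email_hostnames=$(grep "dc_other_hostnames" /etc/exim4/update-exim4.conf.conf | awk -F "'" '{print $2}')
     if [[ "$email_hostnames" != *"$extra_email_hostname"* ]]; then
-        sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$emailhostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf
+        sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$email_hostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf
         update-exim4.conf
         dpkg-reconfigure --frontend noninteractive exim4-config
         systemctl restart saslauthd
@@ -54,7 +54,7 @@
     onion_service_name="$1"
 
     sleep_ctr=0
-    while [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; do
+    while [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; do
         sleep 1
         sleep_ctr=$((sleep_ctr + 1))
         if [ $sleep_ctr -gt 10 ]; then
@@ -66,12 +66,12 @@
 function wait_for_onion_service {
     onion_service_name="$1"
 
-    wait_for_onion_service_base ${onion_service_name}
+    wait_for_onion_service_base "${onion_service_name}"
 
-    if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
+    if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
         # try a second time
         onion_update
-        wait_for_onion_service_base ${onion_service_name}
+        wait_for_onion_service_base "${onion_service_name}"
     fi
     sync
 }
@@ -87,22 +87,22 @@
     sed -i "/hidden_service_${onion_service_name}/,+1 d" /etc/tor/torrc
     sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" /etc/tor/torrc
     sed -i "/127.0.0.1:${onion_service_port_to}/d" /etc/tor/torrc
-    if [ $3 ]; then
+    if [ "$3" ]; then
         sed -i "/127.0.0.1:${3}/d" /etc/tor/torrc
-        if [ $4 ]; then
+        if [ "$4" ]; then
             sed -i "/127.0.0.1:${4}/d" /etc/tor/torrc
-            if [ $5 ]; then
+            if [ "$5" ]; then
                 sed -i "/127.0.0.1:${5}/d" /etc/tor/torrc
             fi
         fi
     fi
-    if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name} ]; then
-        shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}/*
-        rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name}
+    if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}" ]; then
+        shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}/*"
+        rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}"
     fi
-    if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile ]; then
-        shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/*
-        rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile
+    if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile" ]; then
+        shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/*"
+        rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile"
     fi
     remove_completion_param "${onion_service_name} onion domain"
     onion_update
@@ -114,8 +114,8 @@
     onion_service_port_to=$3
     onion_stealth_name="$4"
 
-    if [ -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
-        echo $(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname)
+    if [ -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
+        cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
         USE_V2_ONION_ADDRESS=
         return
     fi
@@ -143,20 +143,20 @@
     onion_update
 
     function_check wait_for_onion_service
-    wait_for_onion_service ${onion_service_name}
+    wait_for_onion_service "${onion_service_name}"
 
-    if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
-        ls -lh ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname
+    if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
+        ls -lh "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
         echo $"${onion_service_name} onion site hostname not found"
         exit 763624
     fi
 
-    onion_address=$(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname)
+    onion_address=$(cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname")
 
     # Record the domain in the completion file
     set_completion_param "${onion_service_name} onion domain" "${onion_address}"
 
-    echo $onion_address
+    echo "$onion_address"
 }
 
 function set_default_onion_domains {
@@ -184,19 +184,19 @@
     fi
     if [ $GNUSOCIAL_DOMAIN_NAME ]; then
         function_check create_avahi_service
-        create_avahi_service gnusocial http tcp $GNUSOCIAL_ONION_PORT
+        create_avahi_service gnusocial http tcp "$GNUSOCIAL_ONION_PORT"
     fi
     if [ $HTMLY_DOMAIN_NAME ]; then
         function_check create_avahi_service
-        create_avahi_service blog http tcp $HTMLY_ONION_PORT
+        create_avahi_service blog http tcp "$HTMLY_ONION_PORT"
     fi
     if [ $GIT_DOMAIN_NAME ]; then
         function_check create_avahi_service
-        create_avahi_service git http tcp $GIT_ONION_PORT
+        create_avahi_service git http tcp "$GIT_ONION_PORT"
     fi
     if [ $DOKUWIKI_DOMAIN_NAME ]; then
         function_check create_avahi_service
-        create_avahi_service dokuwiki http tcp $DOKUWIKI_ONION_PORT
+        create_avahi_service dokuwiki http tcp "$DOKUWIKI_ONION_PORT"
     fi
 }
 
@@ -204,16 +204,16 @@
     if [[ $SYSTEM_TYPE == "mesh"* ]]; then
         return
     fi
-    if [ ! -d /home/$MY_USERNAME/.ssh ]; then
-        mkdir /home/$MY_USERNAME/.ssh
+    if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
+        mkdir "/home/$MY_USERNAME/.ssh"
     fi
     if [ ! -d /etc/tor ]; then
         echo $'Tor not found when updating ssh'
         exit 528257
     fi
-    if ! grep -q "onion" /home/$MY_USERNAME/.ssh/config; then
-        echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config
-        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config
+    if ! grep -q "onion" "/home/$MY_USERNAME/.ssh/config"; then
+        echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
+        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
     fi
 }
 
@@ -225,14 +225,14 @@
         return
     fi
     apt-get -yq install tor connect-proxy
-    if ! grep -q 'Host *.onion' /home/$MY_USERNAME/.ssh/config; then
-        if [ ! -d /home/$MY_USERNAME/.ssh ]; then
-            mkdir /home/$MY_USERNAME/.ssh
+    if ! grep -q 'Host *.onion' "/home/$MY_USERNAME/.ssh/config"; then
+        if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
+            mkdir "/home/$MY_USERNAME/.ssh"
         fi
-        echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config
-        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config
-        chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
-        chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh/config
+        echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
+        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
+        chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh"
+        chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh/config"
     fi
     if ! grep -q 'Host *.onion' /root/.ssh/config; then
         if [ ! -d /root/.ssh ]; then
@@ -259,7 +259,7 @@
         return
     fi
 
-    SSH_ONION_HOSTNAME=$(add_onion_service ssh ${SSH_PORT} ${SSH_PORT})
+    SSH_ONION_HOSTNAME=$(add_onion_service ssh "${SSH_PORT}" "${SSH_PORT}")
     if [[ "$SSH_ONION_HOSTNAME" != *'.onion' ]]; then
         echo $'ssh onion site not generated'
         exit 624128
@@ -313,9 +313,9 @@
 
     # resolve DNS via tor
     if ! grep -q 'DNSPort 53' /etc/tor/torrc; then
-        echo 'DNSPort 53' >> /etc/tor/torrc
-        echo 'AutomapHostsOnResolve 1' >> /etc/tor/torrc
-        echo 'AutomapHostsSuffixes .exit,.onion' >> /etc/tor/torrc
+        { echo 'DNSPort 53';
+          echo 'AutomapHostsOnResolve 1';
+          echo 'AutomapHostsSuffixes .exit,.onion'; } >> /etc/tor/torrc
         onion_update
     fi
 
@@ -361,8 +361,8 @@
 
     # Allow clearnet access for hosts in $_non_tor
     for _clearnet in $_non_tor; do
-        iptables -t nat -A OUTPUT -d $_clearnet -j RETURN
-        iptables -t nat -A PREROUTING -i $_int_if -d $_clearnet -j RETURN
+        iptables -t nat -A OUTPUT -d "$_clearnet" -j RETURN
+        iptables -t nat -A PREROUTING -i $_int_if -d "$_clearnet" -j RETURN
     done
 
     # Redirect all other pre-routing and output to Tor
@@ -375,7 +375,7 @@
 
     # Allow clearnet access for hosts in $_non_tor
     for _clearnet in $_non_tor 127.0.0.0/8; do
-        iptables -A OUTPUT -d $_clearnet -j ACCEPT
+        iptables -A OUTPUT -d "$_clearnet" -j ACCEPT
     done
 
     # Allow only Tor output
@@ -438,9 +438,9 @@
     if [ ${#mobilestr} -gt 0 ]; then
         app_name="mobile${app_name}"
     fi
-    if grep -q "${app_name} onion domain" $COMPLETION_FILE; then
-        if grep -q "${app_name} onion domain" $COMPLETION_FILE; then
-            echo $(cat ${COMPLETION_FILE} | grep "${app_name} onion domain" | head -n 1 | awk -F ':' '{print $2}')
+    if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
+        if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
+            grep "${app_name} onion domain" "${COMPLETION_FILE}" | head -n 1 | awk -F ':' '{print $2}'
             return
         fi
     fi
@@ -521,7 +521,7 @@
 function tor_create_bridge_relay {
     read_config_param 'TOR_BRIDGE_PORT'
     read_config_param 'TOR_BRIDGE_NICKNAME'
-    if [ ! $TOR_BRIDGE_PORT ]; then
+    if [ ! "$TOR_BRIDGE_PORT" ]; then
         return
     fi
     if [ ${#TOR_BRIDGE_PORT} -eq 0 ]; then
@@ -548,11 +548,11 @@
     read_config_param 'MY_EMAIL_ADDRESS'
 
     sed -i "s|#ContactInfo.*|ContactInfo $MY_EMAIL_ADDRESS|g" /etc/tor/torrc
-    if [ $TOR_BRIDGE_NICKNAME ]; then
+    if [ "$TOR_BRIDGE_NICKNAME" ]; then
         sed -i "s|#Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
         sed -i "s|Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
     fi
-    firewall_add tor_bridge $TOR_BRIDGE_PORT tcp
+    firewall_add tor_bridge "$TOR_BRIDGE_PORT" tcp
     systemctl restart tor
 }
 
@@ -573,7 +573,7 @@
         sed -i "s|Nickname |#Nickname |g" /etc/tor/torrc
     fi
     read_config_param 'TOR_BRIDGE_PORT'
-    firewall_remove $TOR_BRIDGE_PORT tcp
+    firewall_remove "$TOR_BRIDGE_PORT" tcp
     systemctl restart tor
 }
 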
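Review bot: In the hunk starting at line 87 (new lines 100 and 104) the wildcard has been moved inside the double quotes, `shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}/*"`, so the shell no longer expands it and shred receives a literal path ending in `/*`. Unless a file is literally named `*`, that call fails, and the following `rm -rf` then unlinks the hidden-service key files without overwriting them, which defeats the purpose of the shred step. Quote only the variable part and leave the glob outside, `shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}"/*`, and do the same for the `_mobile` directory. Separately, in add_email_hostname (new line 41) the sed replacement still writes the literal text `extra_email_hostname` because the `$` is missing; it should read `dc_other_hostnames='$email_hostnames;$extra_email_hostname'`. The function containing the shred lines begins outside the hunk, so its name and argument handling are not visible here.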