Skip to content

Commit afad83b

Browse files
galeksandrpgaleksandrp
committed
.onion and .i2p
1 parent ea80516 commit afad83b

7 files changed

Lines changed: 52 additions & 7 deletions

File tree

.travis.yml

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -5,10 +5,5 @@ services:
55
script:
66
- test/travis.sh
77
env:
8-
- TEST=firefox FIREFOX=firefox-dev
9-
- TEST=firefox FIREFOX=firefox-latest
10-
- TEST=firefox FIREFOX=firefox-esr-latest
11-
- TEST=chromium
128
- TEST=rules
139
- TEST=fetch
14-
- TEST=preloaded

Dockerfile

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,13 @@ ADD test/rules/requirements.txt test/rules/requirements.txt
66
ADD test/chromium/requirements.txt test/chromium/requirements.txt
77
RUN pip install -r test/rules/requirements.txt
88
RUN pip install -r test/chromium/requirements.txt
9+
RUN apt-get update
10+
RUN apt-get install -y tor iptables sudo
11+
RUN echo VirtualAddrNetworkIPv4 10.192.0.0/10 >> /etc/tor/torrc
12+
RUN echo AutomapHostsOnResolve 1 >> /etc/tor/torrc
13+
RUN echo TransPort 9040 >> /etc/tor/torrc
14+
RUN echo DNSPort 53 >> /etc/tor/torrc
15+
RUN adduser --disabled-password --gecos "" test
916

1017
ENV FIREFOX /firefox-latest/firefox/firefox
1118

src/chrome/content/rules/onion-flibusta.xml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
<ruleset name="Flibusta Onion" platform="mixedcontent">
2+
<target host="flibusta.net" />
3+
<target host="www.flibusta.net" />
4+
<target host="flibusta.is" />
5+
<target host="www.flibusta.is" />
6+
<target host="proxy.flibusta.net" />
7+
<target host="www.proxy.flibusta.net" />
8+
<rule from="^https?://(?:www\.)?(?:proxy\.)?flibusta\.(?:net|is)/" to="http://flibustahezeous3.onion/" />
9+
</ruleset>
10+
<!--
11+
* **Flibusta**
12+
* Documented here: <http://flibusta.net/> ([A](https://archive.today/3DAe5))
13+
-->

src/chrome/content/rules/onion-nnm-club.xml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
<ruleset name="NNM-Club Onion" platform="mixedcontent">
2+
<target host="nnm-club.me" />
3+
<target host="nnmclub.to" />
4+
<target host="www.nnm-club.me" />
5+
<target host="www.nnmclub.to" />
6+
<target host="ipv6.nnm-club.me" />
7+
<target host="ipv6.nnmclub.to" />
8+
<rule from="^https?://(?:www\.|ipv6\.)?(?:nnm-club\.me|nnmclub\.to)/" to="http://nnmclub5toro7u65.onion/" />
9+
</ruleset>

src/chrome/content/rules/onion-rutor.xml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
<ruleset name="Rutor Onion" platform="mixedcontent">
2+
<target host="rutor.org" />
3+
<target host="rutor.info" />
4+
<target host="rutor.is" />
5+
<target host="www.rutor.org" />
6+
<target host="www.rutor.info" />
7+
<target host="www.rutor.is" />
8+
<rule from="^http://(?:www\.)?rutor\.(?:org|info|is)/" to="http://rutorc6mqdinc4cz.onion/" />
9+
</ruleset>

test/fetch.sh

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,9 +17,18 @@ done
1717

1818
if [ "$TO_BE_TESTED" ]; then
1919
# Do the actual test, using https-everywhere-checker.
20+
TOR=$(xmllint --xpath 'string(//ruleset/@platform)' $TO_BE_TESTED | grep 'mixedcontent')
21+
COMMAND='python'
22+
if [ "$TOR" ]; then
23+
service tor start
24+
sleep 10
25+
echo nameserver 127.0.0.1 > /etc/resolv.conf
26+
iptables -t nat -A OUTPUT -m owner --uid-owner $(sudo -u test id -u) -p tcp --syn -j REDIRECT --to-ports 9040
27+
COMMAND='sudo -u test python'
28+
fi
2029
OUTPUT_FILE=`mktemp`
2130
trap 'rm "$OUTPUT_FILE"' EXIT
22-
python $RULETESTFOLDER/src/https_everywhere_checker/check_rules.py $RULETESTFOLDER/http.checker.config $TO_BE_TESTED 2>&1 | tee $OUTPUT_FILE
31+
$COMMAND $RULETESTFOLDER/src/https_everywhere_checker/check_rules.py $RULETESTFOLDER/http.checker.config $TO_BE_TESTED 2>&1 | tee $OUTPUT_FILE
2332
# Unfortunately, no specific exit codes are available for connection
2433
# failures, so we catch those with grep.
2534
if [[ `cat $OUTPUT_FILE | grep ERROR | wc -l` -ge 1 ]]; then

utils/trivial-validate.py

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -92,13 +92,17 @@ def test_unescaped_dots_in_exclusion(tree, rulename, from_attrib, to):
9292
return True
9393

9494
xpath_rule = etree.XPath("/ruleset/rule")
95+
xpath_ruleset_platform = etree.XPath("/ruleset/@platform")
96+
xpath_ruleset_default_off = etree.XPath("/ruleset/@default_off")
9597
def test_unencrypted_to(tree, rulename, from_attrib, to):
9698
# Rules that redirect to something other than https or http.
9799
# This used to test for http: but testing for lack of https: will
98100
# catch more kinds of mistakes.
99101
# Now warn if the rule author indicates they intended it, with the
100102
# downgrade attribute. Error if this attribute is not present.
101103
"""Rule redirects to something other than https."""
104+
if len(xpath_ruleset_platform(tree)) != 0 or len(xpath_ruleset_default_off(tree)) != 0:
105+
return True
102106
for rule in xpath_rule(tree):
103107
to, downgrade = rule.get("to"), rule.get("downgrade")
104108
if to[:6] != "https:" and to[:5] != "http:":
@@ -158,7 +162,6 @@ def nomes_all(where=sys.argv[1:]):
158162

159163
xpath_ruleset = etree.XPath("/ruleset")
160164
xpath_ruleset_name = etree.XPath("/ruleset/@name")
161-
xpath_ruleset_platform = etree.XPath("/ruleset/@platform")
162165
xpath_host = etree.XPath("/ruleset/target/@host")
163166
xpath_from = etree.XPath("/ruleset/rule/@from")
164167
xpath_to = etree.XPath("/ruleset/rule/@to")

0 commit comments

Comments
 (0)