From mboxrd@z Thu Jan  1 00:00:00 1970
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject:
 [PATCH 1/4] Tor: allow multiple countries to be selected for Exit relays
Date: Wed, 04 Nov 2020 22:28:22 +0100
Message-ID: <88bdbdd4-1418-1be0-6240-3123ca64c00c@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1576510135008966138=="
List-Id: <development.lists.ipfire.org>

--===============1576510135008966138==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This extends the functionality of the Tor CGI in order to be able to
select multiple countries for possible Exit relays, which is - in terms
of anonymity - less worse than limiting all Tor circuits to a single
country.

For example, a user might want to avoid Exit relays in more than one
country, and permit Tor to use Exit relays elesewhere, and vice versa.

Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
---
 html/cgi-bin/tor.cgi | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi
index 7447bd791..3db4bc22c 100644
--- a/html/cgi-bin/tor.cgi
+++ b/html/cgi-bin/tor.cgi
@@ -2,7 +2,7 @@
 ############################################################################=
###
 #                                                                           =
  #
 # IPFire.org - A linux based firewall                                       =
  #
-# Copyright (C) 2013-2019  IPFire Team  <info(a)ipfire.org>                 =
    #
+# Copyright (C) 2007-2020  IPFire Team  <info(a)ipfire.org>                 =
    #
 #                                                                           =
  #
 # This program is free software: you can redistribute it and/or modify      =
  #
 # it under the terms of the GNU General Public License as published by      =
  #
@@ -319,9 +319,16 @@ END
 			</tr>
 			<tr>
 				<td width=3D'50%' colspan=3D'2'>
-					<select name=3D'TOR_EXIT_COUNTRY'>
+					<select name=3D'TOR_EXIT_COUNTRY' multiple=3D'multiple'>
 						<option value=3D''>- $Lang::tr{'tor exit country any'} -</option>
 END
+
+		# Convert Exit/Guard country strings into lists to make comparison easier
+		my @exit_countries;
+		if ($settings{'TOR_EXIT_COUNTRY'} ne '') {
+			@exit_countries =3D split(/\|/, $settings{'TOR_EXIT_COUNTRY'});
+		}
+
 		my @country_codes =3D &Location::database_countries($db_handle);
 		foreach my $country_code (@country_codes) {
 			# Convert country code into upper case format.
@@ -332,8 +339,8 @@ END
=20
 			print "<option value=3D'$country_code'";
=20
-			if ($settings{'TOR_EXIT_COUNTRY'} eq $country_code) {
-				print " selected";
+			if ($settings{'TOR_EXIT_COUNTRY'} ne '') {
+				print " selected" if grep /$country_code/, @exit_countries;
 			}
=20
 			print ">$country_name ($country_code)</option>\n";
@@ -678,8 +685,17 @@ sub BuildConfiguration() {
=20
 		if ($settings{'TOR_EXIT_COUNTRY'} ne '') {
 			$strict_nodes =3D 1;
+			my $countrylist;
+
+			for my $singlecountry (split(/\|/, $settings{'TOR_EXIT_COUNTRY'})) {
+				if ($countrylist eq '') {
+					$countrylist =3D "{" . lc $singlecountry . "}";
+				} else {
+					$countrylist =3D $countrylist . "," . "{" . lc $singlecountry . "}";
+				}
+			}
=20
-			print FILE "ExitNodes {$settings{'TOR_EXIT_COUNTRY'}}\n";
+			print FILE "ExitNodes $countrylist\n";
 		}
=20
 		if ($settings{'TOR_USE_EXIT_NODES'} ne '') {
--=20
2.26.2

--===============1576510135008966138==--