torch-agent/torch-pub.py

from stem.control import Controller
import stem.connection
import paho.mqtt.client as mqtt
import ssl
import socks
import socket
import json
import configparser
import argparse
from datetime import datetime

parser = argparse.ArgumentParser(description='Broadcast SSH hidden service hostname via MQTT')

parser.add_argument('--config-dir', nargs='?', dest='configPath', default='/etc/torch',
                   help='configuration directory (default: /etc/torch)')

args = parser.parse_args()

configPath = args.configPath

if not configPath.endswith("/"):
  configPath = configPath + "/"

config = configparser.ConfigParser()
config.read(configPath + "torch.conf")

torProxyPort = config['tor'].getint('ProxyPort', fallback = 9050)
torControllerPort = config['tor'].getint('ControllerPort', fallback = 9051)

sshPort = config['ssh'].getint('Port', fallback = 22)

mqttConfig = config['mqtt']
mqttBrokerHost = mqttConfig.get('BrokerHost', fallback = "localhost")
mqttBrokerPort = mqttConfig.getint('BrokerPort', fallback = 1883)
clientID = mqttConfig.get('ClientID', fallback = socket.gethostname())
mqttTopic = mqttConfig.get('Topic', fallback = "torch/%s/onion_url" % (clientID))

mqttRequireCertificate = mqttConfig.getboolean(
                                       'RequireCertificate', 
                                       fallback = False)

mqttCaFile = configPath + mqttConfig.get('CaFile')
mqttCertFile = configPath + mqttConfig.get('CertFile')
mqttKeyFile = configPath + mqttConfig.get('KeyFile')

with Controller.from_port(port = torControllerPort) as controller:
  
  protocolInfo = stem.connection.get_protocolinfo(controller)

  stem.connection.authenticate_safecookie(
                       controller, 
                       protocolInfo.cookie_path)
  
  service = controller.create_ephemeral_hidden_service(
                             sshPort, 
                             detached = True)

  onionAddress = "%s.onion" % (service.service_id)

payload = { 
  'clientId': clientID, 
  'timestamp': datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)"), 
  'onionAddress': onionAddress, 
  'sshPort': sshPort 
  }

client = mqtt.Client()

if mqttRequireCertificate:
  client.tls_set(
          ca_certs = mqttCaFile, 
          certfile = mqttCertFile, 
          keyfile = mqttKeyFile, 
          cert_reqs=ssl.CERT_REQUIRED)

if mqttBrokerHost.endswith(".onion"):
  client.proxy_set(proxy_type=socks.SOCKS5, proxy_addr="localhost", proxy_port=torProxyPort)
  client.tls_insecure_set(True)

client.connect(mqttBrokerHost, mqttBrokerPort, 60)
client.publish(mqttTopic, json.dumps(payload))
client.disconnect()
Initial commit 2020-10-02 14:34:30 +00:00			`from stem.control import Controller`
			`import stem.connection`
			`import paho.mqtt.client as mqtt`
			`import ssl`
Added support for tor / onion broker hostname 2020-10-05 11:18:22 +00:00			`import socks`
Include ClientID (default: hostname) and default topic 2020-10-05 11:49:34 +00:00			`import socket`
			`import json`
Initial commit 2020-10-02 14:34:30 +00:00			`import configparser`
Added --config-dir parameter and timestamp in payload 2020-10-05 14:36:04 +00:00			`import argparse`
			`from datetime import datetime`
Initial commit 2020-10-02 14:34:30 +00:00
Added --config-dir parameter and timestamp in payload 2020-10-05 14:36:04 +00:00			`parser = argparse.ArgumentParser(description='Broadcast SSH hidden service hostname via MQTT')`

			`parser.add_argument('--config-dir', nargs='?', dest='configPath', default='/etc/torch',`
			`help='configuration directory (default: /etc/torch)')`

			`args = parser.parse_args()`

			`configPath = args.configPath`

			`if not configPath.endswith("/"):`
			`configPath = configPath + "/"`
Initial commit 2020-10-02 14:34:30 +00:00
			`config = configparser.ConfigParser()`
			`config.read(configPath + "torch.conf")`

Added support for tor / onion broker hostname 2020-10-05 11:18:22 +00:00			`torProxyPort = config['tor'].getint('ProxyPort', fallback = 9050)`
Initial commit 2020-10-02 14:34:30 +00:00			`torControllerPort = config['tor'].getint('ControllerPort', fallback = 9051)`
Added --config-dir parameter and timestamp in payload 2020-10-05 14:36:04 +00:00
Initial commit 2020-10-02 14:34:30 +00:00			`sshPort = config['ssh'].getint('Port', fallback = 22)`
Added --config-dir parameter and timestamp in payload 2020-10-05 14:36:04 +00:00
Initial commit 2020-10-02 14:34:30 +00:00			`mqttConfig = config['mqtt']`
			`mqttBrokerHost = mqttConfig.get('BrokerHost', fallback = "localhost")`
			`mqttBrokerPort = mqttConfig.getint('BrokerPort', fallback = 1883)`
Include ClientID (default: hostname) and default topic 2020-10-05 11:49:34 +00:00			`clientID = mqttConfig.get('ClientID', fallback = socket.gethostname())`
			`mqttTopic = mqttConfig.get('Topic', fallback = "torch/%s/onion_url" % (clientID))`
Initial commit 2020-10-02 14:34:30 +00:00
			`mqttRequireCertificate = mqttConfig.getboolean(`
			`'RequireCertificate',`
			`fallback = False)`

			`mqttCaFile = configPath + mqttConfig.get('CaFile')`
			`mqttCertFile = configPath + mqttConfig.get('CertFile')`
			`mqttKeyFile = configPath + mqttConfig.get('KeyFile')`

			`with Controller.from_port(port = torControllerPort) as controller:`

			`protocolInfo = stem.connection.get_protocolinfo(controller)`

			`stem.connection.authenticate_safecookie(`
			`controller,`
			`protocolInfo.cookie_path)`

			`service = controller.create_ephemeral_hidden_service(`
			`sshPort,`
			`detached = True)`

			`onionAddress = "%s.onion" % (service.service_id)`

Added --config-dir parameter and timestamp in payload 2020-10-05 14:36:04 +00:00			`payload = {`
			`'clientId': clientID,`
			`'timestamp': datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)"),`
			`'onionAddress': onionAddress,`
			`'sshPort': sshPort`
			`}`
Include ClientID (default: hostname) and default topic 2020-10-05 11:49:34 +00:00
Initial commit 2020-10-02 14:34:30 +00:00			`client = mqtt.Client()`

			`if mqttRequireCertificate:`
			`client.tls_set(`
			`ca_certs = mqttCaFile,`
			`certfile = mqttCertFile,`
			`keyfile = mqttKeyFile,`
			`cert_reqs=ssl.CERT_REQUIRED)`

Added support for tor / onion broker hostname 2020-10-05 11:18:22 +00:00			`if mqttBrokerHost.endswith(".onion"):`
			`client.proxy_set(proxy_type=socks.SOCKS5, proxy_addr="localhost", proxy_port=torProxyPort)`
			`client.tls_insecure_set(True)`

Initial commit 2020-10-02 14:34:30 +00:00			`client.connect(mqttBrokerHost, mqttBrokerPort, 60)`
Include ClientID (default: hostname) and default topic 2020-10-05 11:49:34 +00:00			`client.publish(mqttTopic, json.dumps(payload))`
Initial commit 2020-10-02 14:34:30 +00:00			`client.disconnect()`