Commit ec9b2469 authored by intrigeri's avatar intrigeri

Merge remote-tracking branch 'origin/feature/15428-rename-htp-pools' into devel

Fix-committed: #15428
parents d93cb9e6 9ffe2e69
HTP_POOL_PAL="boum.org,espiv.net,db.debian.org,epic.org,mail.riseup.net,leap.se,squat.net,tachanka.org,www.1984.is,www.eff.org,www.immerda.ch,www.privacyinternational.org,www.torproject.org"
HTP_POOL_NEUTRAL="cve.mitre.org,en.wikipedia.org,lkml.org,thepiratebay.org,www.apache.org,getfedora.org,www.democracynow.org,www.duckduckgo.com,www.gnu.org,www.kernel.org,www.mozilla.org,www.stackexchange.com,www.startpage.com,www.xkcd.com"
HTP_POOL_FOE="encrypted.google.com,github.com,login.live.com,login.yahoo.com,secure.flickr.com,tumblr.com,twitter.com,www.adobe.com,www.gandi.net,www.myspace.com,www.paypal.com,www.rackspace.com,www.sony.com"
HTP_POOL_1="boum.org,espiv.net,db.debian.org,epic.org,mail.riseup.net,leap.se,squat.net,tachanka.org,www.1984.is,www.eff.org,www.immerda.ch,www.privacyinternational.org,www.torproject.org"
HTP_POOL_2="cve.mitre.org,en.wikipedia.org,lkml.org,thepiratebay.org,www.apache.org,getfedora.org,www.democracynow.org,www.duckduckgo.com,www.gnu.org,www.kernel.org,www.mozilla.org,www.stackexchange.com,www.startpage.com,www.xkcd.com"
HTP_POOL_3="encrypted.google.com,github.com,login.live.com,login.yahoo.com,secure.flickr.com,tumblr.com,twitter.com,www.adobe.com,www.gandi.net,www.myspace.com,www.paypal.com,www.rackspace.com,www.sony.com"
......@@ -11,10 +11,10 @@ Environment=SUCCESS_FILE=/run/htpdate/success
Environment=LOG=/var/log/htpdate.log
EnvironmentFile=/etc/default/htpdate.*
ExecStartPre=/bin/sh -c \
'[ -n "${HTTP_USER_AGENT}" ] && \
[ -n "${HTP_POOL_PAL}" ] && \
[ -n "${HTP_POOL_NEUTRAL}" ] && \
[ -n "${HTP_POOL_FOE}" ]'
'[ -n "${HTTP_USER_AGENT}" ] && \
[ -n "${HTP_POOL_1}" ] && \
[ -n "${HTP_POOL_2}" ] && \
[ -n "${HTP_POOL_3}" ]'
ExecStartPre=/bin/rm -f "${DONE_FILE}"
ExecStartPre=/bin/rm -f "${SUCCESS_FILE}"
ExecStartPre=/usr/bin/install -o htp -g nogroup -m 0644 /dev/null "${LOG}"
......@@ -26,9 +26,9 @@ ExecStart=/usr/local/sbin/htpdate \
--user htp \
--done_file "${DONE_FILE}" \
--success_file "${SUCCESS_FILE}" \
--pal_pool "${HTP_POOL_PAL}" \
--neutral_pool "${HTP_POOL_NEUTRAL}" \
--foe_pool "${HTP_POOL_FOE}" \
--pool1 "${HTP_POOL_1}" \
--pool2 "${HTP_POOL_2}" \
--pool3 "${HTP_POOL_3}" \
--proxy 127.0.0.1:9062
RemainAfterExit=yes
CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_SETUID CAP_SYS_TIME
......
......@@ -95,15 +95,15 @@ sub parseCommandLine () {
[ 'log_file|l:s', "log to this file rather than to STDOUT" ],
[ 'done_file|D:s', "create this file after quitting in any way" ],
[ 'success_file|T:s', "create this file after setting time successfully" ],
[ 'pal_pool=s@', "distrusted hostnames" ],
[ 'neutral_pool=s@', "neutral hostnames" ],
[ 'foe_pool=s@', "distrusted hostnames" ],
[ 'pool1=s@', "first pool of hostnames" ],
[ 'pool2=s@', "second pool of hostnames" ],
[ 'pool3=s@', "third pool of hostnames" ],
[ 'allowed_per_pool_failure_ratio:f', "ratio (0.0-1.0) of allowed per-pool failure", { default => 1.0 } ],
[ 'proxy|p:s', "what to pass to curl's --socks5-hostname (if unset, environment variables may affect curl's behavior -- see curl(1) for details)" ],
);
usage() if $opt->help;
usage() unless $opt->pal_pool && $opt->neutral_pool && $opt->foe_pool;
usage() unless $opt->pool1 && $opt->pool2 && $opt->pool3;
$runas = $opt->user if $opt->user;
$> = getpwnam($runas) if $runas;
......@@ -122,7 +122,7 @@ sub parseCommandLine () {
$_ = 'https://'.$_ unless $_ =~ /^http/i;
} split(/,/, join(',', @{$_}))
]
} ($opt->pal_pool, $opt->neutral_pool, $opt->foe_pool);
} ($opt->pool1, $opt->pool2, $opt->pool3);
}
sub usage () {
......
......@@ -154,13 +154,17 @@ into three different pools according to their members' relationship to
the members in the other pools; any member in a one pool should be
unlikely to share logs (or other identifying data), or to agree to
send fake time information, with a member from
the the other pools. The pools are as follows:
the other pools. The pools are as follows:
* The "pal" pool are run by groups that are likely to take great care
* The first pool lists websites run by groups that are likely to take great care
of their visitors' privacy.
* The "foe" pool are managed by adversaries of the "pal" pool.
* The "neutral" pool members have a neutral raltionship to both the
"pal" and "foe" pool.
* The second pool lists websites run by entities which have a neutral relationship
to both the members of the other pools.
* The third pool lists websites run by adversaries of the first pool members.
This design does not require that we particularly trust even members
of the first pool: what we need is to minimize the chance members of
different pools conspire together against Tails users.
The pools are listed in [[!tails_gitweb config/chroot_local-includes/etc/default/htpdate.pools]].
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment