commit 0752d211de7001f4f1ee26979536ca469bca70ce Author: irregulator irregulator@riseup.net Date: Mon May 26 15:03:15 2014 +0300

Add --password-file for scramblesuit UniformDH password

This argument permits to run obfsproxy in unmanaged mode and pass a file containing the scramblesuit password. That way password won't be visible in process list. --- obfsproxy/transports/scramblesuit/scramblesuit.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/obfsproxy/transports/scramblesuit/scramblesuit.py b/obfsproxy/transports/scramblesuit/scramblesuit.py index 43b52b5..725c253 100644 --- a/obfsproxy/transports/scramblesuit/scramblesuit.py +++ b/obfsproxy/transports/scramblesuit/scramblesuit.py @@ -14,6 +14,7 @@ import obfsproxy.common.log as logging import random import base64 import yaml +import argparse

import probdist import mycrypto @@ -29,6 +30,11 @@ import fifobuf

log = logging.get_obfslogger()

+class ReadPassFile(argparse.Action): + def __call__(self, parser, namespace, values, option_string=None): + with open(values) as f: + setattr(namespace, self.dest, f.readline().strip()) +

class ScrambleSuitTransport( base.BaseTransport ):

@@ -542,12 +548,19 @@ class ScrambleSuitTransport( base.BaseTransport ): specify a ticket file and one to specify a UniformDH shared secret. """

- subparser.add_argument("--password", - required=True, + passArgs = subparser.add_mutually_exclusive_group(required=True) + + passArgs.add_argument("--password", type=str, help="Shared secret for UniformDH", dest="uniformDHSecret")

+ passArgs.add_argument("--password-file", + type=str, + help="File containing shared secret for UniformDH", + action=ReadPassFile, + dest="uniformDHSecret") + super(ScrambleSuitTransport, cls).register_external_mode_cli(subparser)

@classmethod