1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
|
diff --git a/README.rst b/README.rst
index a0bb12f..9e32b53 100644
--- a/README.rst
+++ b/README.rst
@@ -18,8 +18,7 @@ Installation
``git clone https://github.com/asciimoo/searx.git && cd searx``
- install dependencies: ``./manage.sh update_packages``
- edit your
- `settings.yml <https://github.com/asciimoo/searx/blob/master/searx/settings.yml>`__
- (set your ``secret_key``!)
+ `settings.yml <https://github.com/asciimoo/searx/blob/master/searx/settings.yml>`
- run ``python searx/webapp.py`` to start the application
For all the details, follow this `step by step
diff --git a/searx/settings.yml b/searx/settings.yml
index 8515326..e65e5e8 100644
--- a/searx/settings.yml
+++ b/searx/settings.yml
@@ -10,7 +10,6 @@ search:
server:
port : 8888
bind_address : "127.0.0.1" # address to listen on
- secret_key : "ultrasecretkey" # change this!
base_url : False # Set custom base_url. Possible values: False or "https://your.custom.host/location/"
image_proxy : False # Proxying image results through searx
http_protocol_version : "1.0" # 1.0 and 1.1 are supported
diff --git a/searx/settings_robot.yml b/searx/settings_robot.yml
index dbaf2fd..2c8f7cf 100644
--- a/searx/settings_robot.yml
+++ b/searx/settings_robot.yml
@@ -10,7 +10,6 @@ search:
server:
port : 11111
bind_address : 127.0.0.1
- secret_key : "ultrasecretkey" # change this!
base_url : False
image_proxy : False
http_protocol_version : "1.0"
diff --git a/searx/utils.py b/searx/utils.py
index 35cb6f8..284087d 100644
--- a/searx/utils.py
+++ b/searx/utils.py
@@ -2,6 +2,8 @@ import cStringIO
import csv
import os
import re
+import stat
+import xdg.BaseDirectory
from babel.dates import format_date
from codecs import getincrementalencoder
@@ -300,3 +302,61 @@ def load_module(filename, module_dir):
module = load_source(modname, filepath)
module.name = modname
return module
+
+
+class SecretAppKeyError(IOError):
+ def __init__(self, reason, caught=None):
+ self.reason = reason
+ self.caught = caught
+
+ def __str__(self):
+ err = ""
+ if self.caught != None:
+ err = '\n' + str(self.caught)
+ return repr(self.reason) + err
+
+
+_secret_app_key_length = 512
+
+
+_secret_app_key_file_name = "secret_key"
+
+
+# tries to read the secret key from the xdg cache directory,
+# if none exists it creates one
+# If directory is given it has to be an existing, readable directory.
+def get_secret_app_key(directory=None):
+
+ if directory is None:
+ try:
+ directory = xdg.BaseDirectory.save_cache_path("searx")
+ except OSError as e:
+ raise(SecretAppKeyError("could not get XDG_CACHE_DIR"))
+
+
+ # we save it as plaintext, assuming only the owner has access
+ f = os.path.join(directory, _secret_app_key_file_name)
+
+ def saError(msg, e=None):
+ raise SecretAppKeyError("{} {}".format(f, msg), e)
+
+ # if it exists, read it
+ if os.path.isfile(f):
+ try:
+ with open(f, 'r') as fh:
+ return fh.read()
+ except IOError as e:
+ saError("could not be read", e)
+ # if it doesn't, create it
+ else:
+ key = os.urandom(_secret_app_key_length)
+ try:
+ with open(f, 'w') as fh:
+ fh.write(key)
+ # the file should be readable/writable only by the owner
+ os.chmod(f, stat.S_IRUSR | stat.S_IWUSR)
+ return key
+ except IOError as e:
+ saError("could not be created", e)
+ except OSError as e:
+ saError("could not be chmodded to 600", e)
diff --git a/searx/webapp.py b/searx/webapp.py
index 929d9e2..31395af 100644
--- a/searx/webapp.py
+++ b/searx/webapp.py
@@ -28,6 +28,7 @@ import hmac
import json
import os
import requests
+import xdg
from searx import logger
logger = logger.getChild('webapp')
@@ -59,7 +60,7 @@ from searx.engines import (
from searx.utils import (
UnicodeWriter, highlight_content, html_to_text, get_themes,
get_static_files, get_result_templates, gen_useragent, dict_subset,
- prettify_url
+ prettify_url, get_secret_app_key
)
from searx.version import VERSION_STRING
from searx.languages import language_codes
@@ -103,7 +104,11 @@ app = Flask(
app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True
-app.secret_key = settings['server']['secret_key']
+
+# notify the user that the secret_key is no longer used
+if 'secret_key' in settings['server']:
+ logger.warning(' The "secret_key" config key is no longer used.')
+app.secret_key = get_secret_app_key()
if not searx_debug or os.environ.get("WERKZEUG_RUN_MAIN") == "true":
initialize_engines(settings['engines'])
@@ -265,7 +270,7 @@ def proxify(url):
url.encode('utf-8'),
hashlib.sha256).hexdigest()
- return '{0}?{1}'.format(settings['result_proxy']['url'],
+ return '{0}?{1}'.format(settings['re sult_proxy']['url'],
urlencode(url_params))
@@ -280,7 +285,7 @@ def image_proxify(url):
if settings.get('result_proxy'):
return proxify(url)
- h = hmac.new(settings['server']['secret_key'], url.encode('utf-8'), hashlib.sha256).hexdigest()
+ h = hmac.new(app.secret_key, url.encode('utf-8'), hashlib.sha256).hexdigest()
return '{0}?{1}'.format(url_for('image_proxy'),
urlencode(dict(url=url.encode('utf-8'), h=h)))
@@ -684,7 +689,7 @@ def image_proxy():
if not url:
return '', 400
- h = hmac.new(settings['server']['secret_key'], url, hashlib.sha256).hexdigest()
+ h = hmac.new(app.secret_key, url, hashlib.sha256).hexdigest()
if h != request.args.get('h'):
return '', 400
diff --git a/tests/unit/test_utils.py b/tests/unit/test_utils.py
index 0448079..7c88445 100644
--- a/tests/unit/test_utils.py
+++ b/tests/unit/test_utils.py
@@ -1,4 +1,8 @@
# -*- coding: utf-8 -*-
+import os
+import tempfile
+import stat
+
import mock
from searx.testing import SearxTestCase
from searx import utils
@@ -99,3 +103,63 @@ class TestUnicodeWriter(SearxTestCase):
rows = [1, 2, 3]
self.unicode_writer.writerows(rows)
self.assertEqual(self.unicode_writer.writerow.call_count, len(rows))
+
+
+class TestSecretAppKey(SearxTestCase):
+
+ def setUp(self):
+ self.getkey = utils.get_secret_app_key
+ self.fn = utils._secret_app_key_file_name
+
+ def keyfile(self, dir_):
+ return os.path.join(dir_, self.fn)
+
+ @staticmethod
+ def freshdir():
+ return tempfile.mkdtemp()
+
+ # generation of a key
+ def test_empty_dir(self):
+ dir_ = self.freshdir()
+ key = self.getkey(dir_)
+ self.assertNotEqual(key, "")
+ file_ = self.keyfile(dir_)
+ self.assertTrue(os.path.isfile(file_))
+ mode = os.stat(file_).st_mode
+ # equal to read and write for user
+ self.assertEquals(mode & (stat.S_IRWXG | stat.S_IRWXU | stat.S_IRWXO),
+ (stat.S_IRUSR | stat.S_IWUSR))
+
+ # generation & successive read of the generated key
+ def test_existing_key(self):
+ dir_ = self.freshdir()
+ key = self.getkey(dir_)
+ key2 = self.getkey(dir_)
+ self.assertEquals(key, key2)
+
+ def test_not_nice(self):
+ def touch(f, mode):
+ open(f, 'w').close()
+ os.chmod(f, mode)
+
+ def raisesappkeyerror(dir_):
+ with self.assertRaises(utils.SecretAppKeyError):
+ self.getkey(dir_)
+
+ # input dir doesn't exist
+ raisesappkeyerror("<nonexisting file>")
+
+ # read-only
+ d1 = self.freshdir()
+ touch(self.keyfile(d1), 0)
+ raisesappkeyerror(d1)
+
+ # dir
+ d2 = self.freshdir()
+ os.mkdir(self.keyfile(d2))
+ raisesappkeyerror(d2)
+
+ # non-writable dir
+ d3 = self.freshdir()
+ os.chmod(d3, stat.S_IRUSR)
+ raisesappkeyerror(d3)
|
