Set time from Tor consensus unless it's already in the valid interval.
This is based on ideas from Liberte Linux' tordate script, and meant to implement https://tails.boum.org/todo/remove_the_htp_user_firewall_exception/ This allows greatly simplifying the 50-htp.sh NM hook: no need to do fancy tricks with /etc/hosts anymore. Split out and re-order NM hooks: First, setup the firewall. Then restart Tor. Then set the time using Tor consensus, and start HTP (non-blocking) in the background. Eventually, restart and cleanup everything that needs to: ttdnsd, pdnsd, Vidalia, etc. Doing so allows us to stop passing a tiny DNS timeout to htpdate / wget anymore: commit e291af5d, that introduced this "-t 1" option, explains why it was added. These reasons don't stand anymore: the IPs of the server queried by htpdate are not in /etc/hosts nowadays. Non-blocking htpdate has an initscript (/etc/init.d/htpdate, that should not start on its own); its options were moved to /etc/default/htpdate. The tails-htp-notify-user script is removed: no need for feedback as this is now non-blocking and does not prevent actual usage. A bit more KISS does not hurt.
Showing with 291 additions and 575 deletions
config/chroot_local-includes/etc/NetworkManager/dispatcher.d/60-tor-sighup.sh → config/chroot_local-includes/etc/NetworkManager/dispatcher.d/60-vidalia.sh