/
torbrowser
executable file
·536 lines (471 loc) · 17.8 KB
/
torbrowser
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
#!/bin/bash
## Copyright (C) 2012 - 2018 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
## See the file COPYING for copying conditions.
#set -x
#exec 1>/tmp/torbrowser.log
#exec 2>/tmp/torbrowser.log
set -o pipefail
set -o errtrace
[ -n "$SCRIPTNAME" ] || SCRIPTNAME="$(basename "$BASH_SOURCE")"
IDENTIFIER="torbrowser"
ICON="/usr/share/icons/anon-icon-pack/tbupdate.ico"
tb_error_handler() {
local exit_code="$?"
local MSG="\
###########################################################
## $SCRIPTNAME script bug.
## No panic. Nothing is broken. Just some rare condition
## has been hit. Try again later. There is likely a
## solution for this problem. Please see the Whonix News,
## Whonix User Help Forum and Whonix Documentation.
## https://www.whonix.org/wiki/$tb_wiki
## Please report this bug!
##
## BASH_COMMAND: $BASH_COMMAND
## exit_code: $exit_code
##
## output: $output
## output_opts: ${output_opts[@]}
## progressbaridx: $progressbaridx
##
## Experts only:
## bash -x $SCRIPTNAME
###########################################################\
"
## XXX
#mkdir --parents "$tb_cache_folder"
#echo "$MSG" >> "$tb_cache_folder/torbrowser_updater_error.log"
if [ "$progressbaridx" = "" ]; then
true
else
$output ${output_opts[@]} --progressbaridx "$progressbaridx" --progressx "100"
fi
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit 1
}
trap "tb_error_handler" ERR
tb_set_links() {
DOC_LINK="https://www.whonix.org/wiki/Documentation"
CONTRIBUTE_LINK="https://www.whonix.org/wiki/Contribute"
DONATE_LINK="https://www.whonix.org/wiki/Payments"
FORUM_LINK="https://forums.whonix.org"
MAILINGLIST_LINK="https://www.whonix.org/pipermail/whonix-devel/"
IMPORTANTBLOG_LINK="https://forums.whonix.org/tags/important-news"
FEATUREBLOG_LINK="https://forums.whonix.org/c/news"
if [ ! "$TB_CUSTOM_HOMEPAGE" = "" ]; then
## Prefer the custom homepage a user might have defined over
## everything else.
DEFAULT_LINK="$TB_CUSTOM_HOMEPAGE"
elif [ -f "/usr/share/anon-ws-base-files/workstation" ]; then
## Running inside a Whonix-Workstation.
local whonix_homepage
whonix_homepage="/usr/share/homepage/whonix-welcome-page/whonix.html"
if [ -f "$whonix_homepage" ]; then
## Great, we have whonix-welcome-page installed, prefer that one.
DEFAULT_LINK="file://$whonix_homepage"
open_link_confirmation_maybe_skip=true
else
## whonix-welcome-page not installed, fall back to about:blank,
## because about:tor does not apply to Whonix (makes users confuse
## The Tor Project with Whonix).
DEFAULT_LINK="about:blank"
open_link_confirmation_maybe_skip=true
fi
elif [ -f "/usr/share/anon-gw-base-files/gateway" ]; then
## about:tor also does not apply here.
DEFAULT_LINK="about:blank"
open_link_confirmation_maybe_skip=true
else
## Running outside of Whonix.
true "Not modifying which link to open."
fi
}
root_check() {
if [ "$(id -u)" != "0" ]; then
#echo "$SCRIPTNAME running as user."
true
else
echo "Do not run $SCRIPTNAME as root!"
exit 1
fi
}
tb_preparation() {
who_ami="$(whoami)"
if command -v qubesdb-read >/dev/null 2>&1 ; then
[ -n "$is_qubes" ] || is_qubes=true
## qubesdb-read fails inside chroot, therefore overwriting with '|| true'.
[ -n "$qubes_vm_name" ] || qubes_vm_name="$(qubesdb-read /name)" || true
[ -n "$qubes_vm_type" ] || qubes_vm_type="$(qubesdb-read /qubes-vm-type)" || true
else
[ -n "$is_qubes" ] || is_qubes=false
fi
if [ "$qubes_vm_type" = "TemplateVM" ]; then
if [ "$tb_user_home" = "" ]; then
tb_user_home="/var/cache/tb-binary"
fi
fi
[ -n "$tb_user_home" ] || tb_user_home=~
## When double clicking a file downloaded in Tor Browser download tab
## '~' would be set to '/home/user/.tb/tor-browser/Browser' which would lead
## to a false-positive "Tor Browser not installed" message.
if echo "$tb_user_home" | grep -q tor-browser ; then
tb_user_home="/home/$who_ami"
fi
[ -n "$tb_install_folder" ] || tb_install_folder="tb"
[ -n "$tb_install_folder_dot" ] || tb_install_folder_dot=".tb"
[ -n "$tb_browser_name" ] || tb_browser_name="tor-browser"
[ -n "$tb_settings_folder" ] || tb_settings_folder="torbrowser.d"
[ -n "$tb_name" ] || tb_name="tor"
[ -n "$tb_title" ] || tb_title="Tor Browser"
[ -n "$tb_wiki" ] || tb_wiki="Tor_Browser"
[ -n "$tb_proxy_name" ] || tb_proxy_name="tor"
[ -n "$tb_bin" ] || tb_bin="torbrowser"
[ -n "$tb_browser_runner" ] || tb_browser_runner="start-tor-browser"
[ -n "$IDENTIFIER" ] || IDENTIFIER="$tb_bin"
[ -n "$tb_home_folder" ] || tb_home_folder="$tb_user_home/$tb_install_folder_dot"
[ -n "$tb_browser_folder" ] || tb_browser_folder="$tb_home_folder/$tb_browser_name"
if [ "$display" = "" ]; then
if [ "$DISPLAY" = "" ]; then
display=":0"
else
display="$DISPLAY"
fi
fi
output="/usr/lib/msgcollector/msgcollector"
local my_tty
local my_tty_exit_code
my_tty_exit_code="0"
my_tty="$(tty)" || { my_tty_exit_code="$?" ; true; };
if [ ! "$my_tty_exit_code" = "0" ]; then
my_tty="none"
fi
## Just in case.
if [ "$my_tty" = "" ]; then
my_tty="none"
fi
who_ami="$(whoami)"
output_opt_1="--icon $ICON"
output_opt_2="--parentpid $$"
output_opt_3="--identifier ${IDENTIFIER}"
output_opt_4="--parenttty $my_tty"
output_opt_5="--whoami $who_ami"
output_opts=( "$output_opt_1" "$output_opt_2" "$output_opt_3" "$output_opt_4" "$output_opt_5")
TITLE="$tb_title Starter (by Whonix developers)"
## TODO
#$output ${output_opts[@]} --forget
}
tb_config_folder_parser() {
[ -n "$tb_settings_folder" ] || tb_settings_folder="torbrowser.d"
shopt -s nullglob
local i
for i in /etc/$tb_settings_folder/*.conf /rw/config/$tb_settings_folder/*.conf; do
bash -n "$i"
source "$i"
done
}
tb_templatevm_check() {
if [ "$is_qubes" = "false" ]; then
true "Not running in Qubes."
return 0
fi
if [ ! "$qubes_vm_type" = "TemplateVM" ]; then
true "Not running in TemplateVM."
return 0
fi
if [ "$tb_allow_start_in_templatevm" = "true" ]; then
true "tb_allow_start_in_templatevm is true."
return 0
fi
if [ "$have_other_args" = "false" ]; then
tb_qubes_wiki="Running_${tb_wiki}_in_Qubes_TemplateVM"
local MSG="<p>Do not run $tb_title in TemplateVM.<br></br>
<br></br>
More info: <a href=https://www.whonix.org/wiki/$tb_wiki#$tb_qubes_wiki>https://www.whonix.org/wiki/$tb_wiki#$tb_qubes_wiki</a></p>"
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit 3
fi
}
tb_qubes_dvm_template() {
if echo "$qubes_vm_name" | grep -q --invert-match "\-dvm" ; then
true "INFO: not running inside Qubes DVM Template, ok."
return 0
fi
local MSG="\
<p>Do not run Tor Browser in Qubes DVM Template!<br></br>
<br></br>
More info: <a href=https://www.whonix.org/wiki/Tor_Browser#Running_Tor_Browser_in_Qubes_DVM_Template>https://www.whonix.org/wiki/Tor_Browser#Running_Tor_Browser_in_Qubes_DVM_Template</a></p>"
$output ${output_opts[@]} --messagex --titlex "$TITLE" --typex "error" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --titlecli "$TITLE" --typecli "error" --message "$MSG" --done
exit 1
}
parse_cmd_options() {
## Thanks to:
## http://mywiki.wooledge.org/BashFAQ/035
while :
do
case $1 in
--doc)
LINK="$DOC_LINK"
shift
;;
--contribute)
LINK="$CONTRIBUTE_LINK"
shift
;;
--donate)
LINK="$DONATE_LINK"
shift
;;
--forum)
LINK="$FORUM_LINK"
shift
;;
--mailinglist)
LINK="$MAILINGLIST_LINK"
shift
;;
--importantblog)
LINK="$IMPORTANTBLOG_LINK"
shift
;;
--featureblog)
LINK="$FEATUREBLOG_LINK"
shift
;;
--clearnet)
tb_clearnet="true"
shift
;;
--)
shift
break
;;
*)
break
;;
esac
done
## If there are input files (for example) that follow the options, they
## will remain in the "$@" positional parameters.
local other_args
other_args="$@"
if [ "$other_args" = "" ]; then
have_other_args="false"
if [ "$LINK" = "" ]; then
LINK="$DEFAULT_LINK"
if [ "$open_link_confirmation_maybe_skip" = "true" ]; then
open_link_confirmation_skip="true"
fi
fi
else
have_other_args="true"
fi
}
tb_detect_starter_bin() {
if [ ! "$tb_starter_bin" = "" ]; then
return 0
fi
if [ -x "$tb_browser_folder/Browser/$tb_browser_runner" ]; then
## Preferring $tb_browser_folder/Browser/$tb_browser_runner to work around
## The Tor Project upstream issue:
## 'start-tor-browser.desktop parameter passing broken on spaces'
## https://trac.torproject.org/projects/tor/ticket/18022
tb_starter_bin="$tb_browser_folder/Browser/$tb_browser_runner"
elif [ -x "$tb_browser_folder/$tb_browser_runner" ]; then
tb_starter_bin="$tb_browser_folder/$tb_browser_runner"
elif [ -x "$tb_browser_folder/$tb_browser_runner.desktop" ]; then
tb_starter_bin="$tb_browser_folder/$tb_browser_runner.desktop"
else
local MSG="Neither <code>$tb_browser_folder/Browser/$tb_browser_runner</code> nor\
<code>$tb_browser_folder/$tb_browser_runner</code> nor \
<code>$tb_browser_folder/$tb_browser_runner.desktop</code> is executable."
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit 2
fi
}
tb_clearnet() {
if test -f "$tb_browser_folder/clearnet-marker" ; then
if [ ! "$tb_clearnet" = "true" ]; then
local MSG="Clearnet marker file exists and trying to start without --clearnet. Aborted. A Tor Browser that was previously started with --clearnet should not be started without --clearnet."
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit 2
return 0
fi
fi
if [ ! "$tb_clearnet" = "true" ]; then
return 0
fi
if diff /usr/share/tb-updater/tb_without_tor_settings.js "$tb_browser_folder/Browser/TorBrowser/Data/Browser/profile.default/user.js" >/dev/null 2>&1 ; then
true "our version exists"
elif test -f "$tb_browser_folder/Browser/TorBrowser/Data/Browser/profile.default/user.js" ; then
true "some version exists"
else
cp /usr/share/tb-updater/tb_without_tor_settings.js "$tb_browser_folder/Browser/TorBrowser/Data/Browser/profile.default/user.js"
fi
if ! test -f clearnet-marker ; then
touch "$tb_browser_folder/clearnet-marker"
fi
TOR_SKIP_CONTROLPORTTEST=1
TOR_SKIP_LAUNCH=1
TOR_TRANSPROXY=1
export TOR_SKIP_CONTROLPORTTEST TOR_SKIP_LAUNCH TOR_TRANSPROXY
}
tb_start_tor_browser() {
local tb_exit_code="0"
$tb_starter_bin_pre $tb_starter_bin --allow-remote $tb_starter_bin_post "$@" || { tb_exit_code="$?" ; true; };
if [ ! "$tb_exit_code" = "0" ]; then
local MSG="<p>Failed to start $tb_title!<br></br>
<br></br>
Failed to run:<br></br>
<br></br><code>$tb_starter_bin --allow-remote \"$@\"</code>.
<br></br>
<br></br>Exited with code: <code>$tb_exit_code</code>
<br></br>
<br></br>To see this for yourself, you could try: <blockquote>Start Menu -> Applications -> System -> Terminal
<br></br>Then run:
<br></br><code>$SCRIPTNAME</code></blockquote></p>"
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit "$tb_exit_code"
fi
}
maybe_use_open_link_confirmation() {
## Environment variable OPEN_LINK_CONFIRMATION might be set to 'true' if
## we are run by open_link_confirmation.
if [ "$OPEN_LINK_CONFIRMATION" = "true" ]; then
## We are run by open_link_confirmation. Not run open_link_confirmation
## again. Open Tor Browser.
tool=tb_start_tor_browser
else
tool=tb_start_tor_browser
## maybe use open link confirmation
if [ -x /usr/lib/open_link_confirmation ]; then
if [ ! "$open_link_confirmation_skip" = "true" ]; then
tool="/usr/lib/open_link_confirmation"
fi
fi
fi
local temp
local tool_exit_code="0"
if [ "$LINK" = "" ]; then
temp="$tool $@"
$tool "$@" || { tool_exit_code="$?" ; true; };
else
temp="$tool $@"
$tool "$LINK" || { tool_exit_code="$?" ; true; };
fi
if [ ! "$tool_exit_code" = "0" ]; then
local MSG="<p>$tb_title maybe_use_open_link_confirmation error.
<br></br>
<br></br>Failed:
<br></br><code>$temp</code></p>"
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit 1
fi
}
tb_folder_change_directory() {
local change_directory_exit_code="0"
cd "$tb_browser_folder" || { change_directory_exit_code="$?" ; true; };
if [ ! "$change_directory_exit_code" = "0" ]; then
local MSG="<p>$tb_title permission issues?<br></br>
Failed to <code>cd \"$tb_browser_folder\"</code>.<br></br>
To fix this, you could try: <blockquote>Start Menu -> Applications -> System -> Terminal<br></br>
<code>sudo chown --recursive \"$who_ami\":\"$who_ami\" \"$tb_browser_folder\"</code></blockquote></p>"
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit 1
fi
}
check_tb_updater_first_boot_done() {
local systemctl_output
local wait_counter
wait_counter="0"
while true ; do
if systemctl_output="$(systemctl --no-pager --no-block status tb-updater-first-boot.service 2>&1)" ; then
break
fi
wait_counter="$(( wait_counter + 1 ))"
sleep 1 &
wait "$!"
if [ "$wait_counter" -ge 20 ]; then
systemctl_output="$(/usr/lib/msgcollector/br_add "$systemctl_output")"
local MSG="<p>Failed to start $tb_title!<br></br>
<br></br>
Failed to run:<br></br>
<br></br><code>systemctl --no-pager --no-block status tb-updater-first-boot.service</code>.
<br></br>
<br></br>systemctl output:
<br></br>
<br></br><code>$systemctl_output</code>
<br></br>
<br></br>To see this for yourself, you could try: <blockquote>Start Menu -> Applications -> System -> Terminal
<br></br>Then run:
<br></br><code>systemctl --no-pager --no-block status tb-updater-first-boot.service</code></blockquote></p>"
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
exit 4
fi
done
}
maybe_install_tor_browser() {
if [ -d "$tb_browser_folder" ]; then
return 0
fi
local MSG="<p>$tb_title is currently not installed.
<br></br>(Folder $tb_browser_folder does not exist.)</p>"
local question="Start $tb_title Downloader (by Whonix Developers)?"
local button="yesno"
local answer
answer="$(/usr/lib/msgcollector/generic_gui_message "error" "$TITLE" "$MSG" "$question" "$button")"
#answer="0"
#zenity --title="$TITLE" --question --text "$MSG" || { answer="$?" ; true; };
## zenity exit codes
## no 1
## yes 0
if [ "$answer" = "16384" ]; then ## button 'yes' pressed
local update_torbrowser_command_v_exit_code="0"
command -v update-torbrowser >/dev/null 2>/dev/null || { update_torbrowser_command_v_exit_code="$?" ; true; };
if [ "$update_torbrowser_command_v_exit_code" = "0" ]; then
## update-torbrowser is available.
## || true, in case update-torbrowser fails for some reason (no
## internet connection).
update-torbrowser $tb_using_i2p --noaskstart || true
else
## update-torbrowser is not available.
MSG="<p>$tb_title Updater (by Whonix developers) is not installed.
update-torbrowser $tb_using_i2p is not available. Please install the tb-updater package.
<br></br>Run:
<blockquote>sudo apt-get install tb-updater</blockquote>
Then try again.</p>"
$output ${output_opts[@]} --messagex --typex "error" --titlex "$TITLE" --message "$MSG" --done
$output ${output_opts[@]} --messagecli --typecli "error" --titlecli "$TITLE" --message "$MSG" --done
fi
else ## button 'yes' not pressed
exit 0
fi
if [ ! -d "$tb_browser_folder" ]; then
## Still not installed.
exit 0
fi
}
main_function() {
root_check "$@"
tb_preparation "$@"
tb_set_links "$@"
tb_config_folder_parser "$@"
parse_cmd_options "$@"
tb_templatevm_check "$@"
tb_qubes_dvm_template "$@"
check_tb_updater_first_boot_done "$@"
maybe_install_tor_browser "$@"
tb_folder_change_directory "$@"
tb_detect_starter_bin "$@"
tb_clearnet "$@"
maybe_use_open_link_confirmation "$@"
}
main_function "$@"