#!/bin/bash

## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

#set -x

check_tor_config_do() {
   ## Fallback.
   tor_verify_config_exit_code="0"

   ## Only check on Whonix-Gateway.
   if [ ! -e "/usr/share/anon-gw-base-files/gateway" ]; then
      tor_verify_config_exit_code="0"
      return 0
   fi

   if test -f /run/qubes/this-is-templatevm ; then
      tor_verify_config_exit_code="0"
      return 0
   fi

   ## XXX:
   ## No longer running:
   ## sudo -u debian-tor tor --verify-config -f /usr/share/tor/tor-service-defaults-torrc
   ## Too many warnings for /usr/share/tor/tor-service-defaults-torrc since:
   ## tor 0.2.6.8-5~d80.jessie+1
   ## (You configured a non-loopback address [...])

   ## This has a /etc/sudoers.d exception.
   tor_verify_config_output="$(leaprun tor-verify-config 2>&1)" || { tor_verify_config_exit_code="$?" ; true; };
   tor_verify_config_output="$(br_add "$tor_verify_config_output")"

   ## concise report which only contains complains with [warn] or [err] tags
   tor_verify_config_output_concise="$(grep -E -w -h -i '\[warn\]|\[err\]' <<< "$tor_verify_config_output" 2>&1)" || true

   return 0
}

check_tor_config() {
   ## sets: tor_verify_config_exit_code, tor_verify_config_output
   check_tor_config_do

   if [ ! "$tor_verify_config_exit_code" = "0" ]; then
      local if_you_know_what_you_are_doing_msg
      if_you_know_what_you_are_doing_msg="$(if_you_know_what_you_are_doing_funct "$FUNCNAME")"
      local MSG="<p>Tor Config Check Result:
<br></br><b>Your Tor config file contains at least one error.</b></p>

<p>(Tor exit code: $tor_verify_config_exit_code)</p>

<p><u><b>Tor concise reports (below warns and errors must be fixed before you can use Tor)</b></u>:
<br></br><code>$tor_verify_config_output_concise</code></p>

<p><u>Tor full reports</u>:
<br></br><code>$tor_verify_config_output</code></p>

Try to look at this report yourself by running.

$start_menu_instructions_system_first_part Terminal

<blockquote>sudo -u debian-tor tor --verify-config</blockquote>

<p>To try to fix this, please open your Tor config file.

<blockquote>    $start_menu_instructions_system_first_part Torrc</blockquote>
    <br></br>or in Terminal: <code>sudo nano /usr/local/etc/torrc.d/50_user.conf</code></p>

<p>Please restart Tor after fixing this error.

<blockquote>    $start_menu_instructions_system_first_part Restart Tor</blockquote>
    <br></br>or in Terminal: <code>sudo service tor@default restart</code></p>

<p>Restart <code>systemcheck</code> after fixing this error.

<blockquote>    $start_menu_instructions_system_first_part System Check</blockquote>
    <br></br>or in Terminal: <code>systemcheck</code></p>

<p>$if_you_know_what_you_are_doing_msg</p>"
      $output_x ${output_opts[@]} --messagex --typex "error" --message "$MSG"
      $output_cli ${output_opts[@]} --messagecli --typecli "error" --message "$MSG"
      EXIT_CODE="1"
      cleanup "1"
      return 0
   else
      local MSG="<p>Tor Config Check Result: Tor config ok.</p>"
      if [ "$verbose" -ge "1" ]; then
         $output_x ${output_opts[@]} --messagex --typex "info" --message "$MSG"
         $output_cli ${output_opts[@]} --messagecli --typecli "info" --message "$MSG"
      fi
   fi
}