Delivery-Date: Thu, 07 Aug 2014 20:14:41 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id E1A331E0D32;
	Thu,  7 Aug 2014 20:14:39 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 475BD2EB57;
	Fri,  8 Aug 2014 00:14:35 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id BD9CA2693D
 for <tor-talk@lists.torproject.org>; Fri,  8 Aug 2014 00:14:31 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id nP29jvlmF4wv for <tor-talk@lists.torproject.org>;
 Fri,  8 Aug 2014 00:14:31 +0000 (UTC)
Received: from patternsinthevoid.net (greyarea.patternsinthevoid.net
 [106.187.37.158])
 by eugeni.torproject.org (Postfix) with ESMTP id 3EA12265F6
 for <tor-talk@lists.torproject.org>; Fri,  8 Aug 2014 00:14:31 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by patternsinthevoid.net (Postfix) with ESMTP id EE7983A1414
 for <tor-talk@lists.torproject.org>; Fri,  8 Aug 2014 00:14:26 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at patternsinthevoid.net
Received: from patternsinthevoid.net ([127.0.0.1])
 by localhost (greyarea.patternsinthevoid.net [127.0.0.1]) (amavisd-new,
 port 10024)
 with ESMTP id YtzpKZi4KLRn for <tor-talk@lists.torproject.org>;
 Fri,  8 Aug 2014 00:14:21 +0000 (UTC)
Date: Fri, 8 Aug 2014 00:13:16 +0000
From: isis <isis@torproject.org>
To: tor-talk@lists.torproject.org
Message-ID: <20140808001316.GF23636@patternsinthevoid.net>
References: <53D727D8.7010902@riseup.net> <53DE3C5D.8020200@whonix.org>
 <20140804204904.GA5462@patternsinthevoid.net>
 <53E38770.4080304@whonix.org>
MIME-Version: 1.0
In-Reply-To: <53E38770.4080304@whonix.org>
X-GPG-Public-Key-URL: https://blog.patternsinthevoid.net/isis.txt
X-Louis-Lingg: In this hope do I say to you I despise you. I despise your
 order, your laws, your force-propped authority. Hang me for it!
Subject: Re: [tor-talk] using locally installed Tor in TBB
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============3497169739955452275=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


--===============3497169739955452275==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="ULyIDA2m8JTe+TiX"
Content-Disposition: inline


--ULyIDA2m8JTe+TiX
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Patrick Schleizer transcribed 2.2K bytes:
> isis:
> > This should be fixed (for Linux) in an upcoming Tor Browser 4.0 release=
=2E I've
> > added these things to the `start-tor-browser` script. There are:
> >=20
> >     - Instructions for use, including additional Firefox preferences th=
at
> >       you'll need to set (to tell Tor Button where your ControlPort and
> >       SocksPort are, etc.)
> >=20
> >     - An "easy" spot in the `start-tor-browser` script to put in your
> >       ControlPort password so that it is given to the Firefox process (=
but not
> >       exported, because then other programs might be able to steal it)
> >=20
> >     - A line will print to your terminal telling you that you're using a
> >       system-installed Tor.
> >=20
> > See #10178, [0] and this commit [1] containing the changes. If you're r=
unning
> > Linux and would like to test these, nightly builds are available. [2]
> >=20
> > Contributions to improve this, i.e. automatically setting the preferenc=
es for
> > you, are welcome.
> >=20
> > [0]: https://bugs.torproject.org/10178
> > [1]: https://gitweb.torproject.org/builders/tor-browser-bundle.git/comm=
itdiff/a566e85f785c12157283920a179cdc64fdd28b32
> > [2]: https://people.torproject.org/~linus/builds/
>=20
> Hi isis,
>=20
> thank you for working on this!
>=20
> Comments on the script / patch:


Hey Patrick!

Thanks for the thanks, and for the code review!


> - You switched from #!/bin/sh to #!/bin/bash. While I personally
> preferred to forget about bothering with sh and switching to bash, I
> don't there are any systems that only have sh, no bash? (`checkbashisms`
> may be helpful.)


tl;dr: I've never used that devscript before. Neat, thanks! You're actually
correct that `/bin/bash` doesn't need to be there, because my changes which
required it [0] were reverted for TB-4.0-alpha-1 [1] due to the concerns
(mostly the fault of HTTPSEverywhere logging URIs) raised by Robert Ransom =
on
ticket #12468 [2] (although they are still in 3.6.x). To read more about wh=
y I
wrote this crazy code, read on. :)


I think I probably know most of the bashisms, like `[` being a command, you
can still `exec 3<>/dev/tcp/fyb.patternsinthevoid.net/80` to open a TCP
connection even if there isn't a `/dev/tcp`, [3] doing `echo '-e'` doesn't
echo anything because echo is a broken piece of crap... I can keep going. :)
Bash is messed up. Usually, I know how to convert bash syntax to shell, but
there are a couple builtins in particular which don't really have a shell
equivalent.

Normally, I would not want to switch to bash due to portability issues, as =
you
point out (and unstable syntax and behaviour between bash versions). But the
the particular bashism that I needed in this case, there isn't any equivale=
nt
(to my knowledge) in shell: the `disown` builtin. It's used in the very last
stanzas that I added to the start-tor-browser script:

for second in `seq 1 15` ; do
    sleep 1
    if `kill -0 $pid 2>&1 >/dev/null ` ; then
        wait "$pid"
        exitcode=3D"$?"
        printf "Tor Browser exited suddenly! Exit code: %s\n" "$exitcode"
        exit "$exitcode"
    else
        continue
    fi
done

if test -z "${exitcode}" ; then
    if test -z "$(kill -0 $pid 2>&1 >/dev/null)" ; then
        printf "Running Tor Browser process (PID %s) in background...\n" "$=
pid"
        disown "$pid"
        exitcode=3D"0"
    else
        exitcode=3D"66" # Something odd happened
    fi
fi

exit "$exitcode"

For additional reasoning behind this crazy code, see my commit message. [0]


> - Can you run the script through the code analysis tool `shellcheck`
> please? [1] It reports some issues that are worth fixing.


Hmm, like most static analysis tools, it seems like it's not really doing a
good job at taking overall context into account:

  1. There are plenty of cases where I *do* want ${@} to glob and split wor=
ds,
     that's *why* there's no quotes around it.

  2. It doesn't seem to know about `test -t` syntax to test if a file
     descriptor is opened on a terminal.

  3. And it seems to be confused on the difference between $(...) and `...`
     syntax. $(...) is evaluated at access time (if unquoted), `...` is
     evaluated immediately. There's a good Bash Hackers article on this [4]
     (the writer actually concludes on the $(...) side of things too, like =
the
     shellcheck tool), but I really think it's a style preference. I could
     easily argue that because:

         $( (ls) )

     and

         $((ls))

     are entirely different commands, that therefore $(...) syntax is
     confusing and tricky and should be considered deprecated. Also, while
     `...` doesn't handle nested backticks nicely, its *real* POSIX equival=
ent
     "$(...)"  (with quotes) doesn't handle nested double-quotes nicely. :)

Though `shellcheck` is actually pointing out some valid mistakes. I'll have=
 to
ask Mike Perry and the rest of the Tor Browser Team what they want done with
that. (I think there were some major changes planned, and the
start-tor-browser script is going to deprecated/replaced?)

Either way, you seem really knowledgable about shell scripting, if you want=
ed
to contribute to Tor Browser, using your skills on all the bash/shell in the
the tor-browser-bundle repo [5] would be a great way to start.


> - Wouldn't it be better if the script started Firefox using `exec`? (As
> per best scripting practices [4].)


In the case of the old (pre TB-3.6.2, before my crazy `wait` code above),
possibly. But doing so would obviously mean that the `firefox` process and =
its
environment would replace the shell. This means that when the `firefox`
process dies, the shell would disappear (along with any advice, errors, logs
which had been logged to it, since the old version doesn't log to file).

In the versions which do have my crazy code, that crazy code wouldn't get r=
un,
because there wouldn't be a shell to run it any longer. I felt that the cra=
zy
code was necessary, as it gives error messages for the potential cases where
Firefox couldn't start because it was already running, couldn't start perio=
d,
exited unexpectedly, or couldn't be disowned for some reason. In all cases,=
 my
crazy code *should* handle dealing with hung, non-existent, errored,
etc. Firefox processes, and then it *should* always exit the shell, which (=
to
my understanding) is pretty much the reason one is supposed to `exec` a
wrapped process, so that an extra (sub)shell process isn't left lying aroun=
d.

I could be entirely wrong, though, and perhaps there is some fancy `exec`
syntax which takes care of the processes errors. (If there is, I'd be stoked
to learn about it!)


> If you wish I could do the changes in a github branch if you would be
> willing to review.


That sounds great! Just be sure to explain weird shellisms and bashisms with
code comments or commit messages.

I also see you have an (somewhat) old tbb-scripts repo. [6] I've got a bunch
of random hacky tor-related scripts too, for setting up transproxies and
catching GFW garbage probes, [7] verifying gitian builder scripts, [8] doing
all your DNS on a remote Tor relay (through tor, with DNSSEC validation and
caching), [9] etc. I know Ximin's (infinity0) got some nice hacky scripts t=
oo,
and meejah, perhaps we should all join forces and create a tor-hacks repo?


> All the best,
> Patrick
>=20
> [1] shellcheck [2] is an online service and Libre Software
> (downloadable) that detects problems with sh/bash scripts. Also
> available in Debian jessie [3] and sid.
> [2] http://www.shellcheck.net/
> [3] https://packages.debian.org/jessie/shellcheck
> [4] http://mywiki.wooledge.org/WrapperScript
>=20

[0]: https://gitweb.torproject.org/builders/tor-browser-bundle.git/commitdi=
ff/c2bd8a5f070e771623aebfb66e95e9e954e5522d
[1]: https://gitweb.torproject.org/builders/tor-browser-bundle.git/commit/2=
7f1353baa0e3ce4dafcebe0eae6b48aa2f8704c
[2]: https://trac.torproject.org/projects/tor/ticket/12468
[3]: http://www.linuxjournal.com/content/more-using-bashs-built-devtcp-file=
-tcpip
[4]: http://wiki.bash-hackers.org/syntax/expansion/cmdsubst
[5]: https://gitweb.torproject.org/builders/tor-browser-bundle.git
[6]: https://github.com/adrelanos/tbb-scripts
[7]: https://github.com/isislovecruft/scripts/blob/master/transproxy.firewa=
ll.sh
[8]: https://github.com/isislovecruft/scripts/blob/master/verify-gitian-bui=
lder-signatures
[9]: https://github.com/isislovecruft/scripts/blob/master/dnswithtor

--=20
 =E2=99=A5=E2=92=B6 isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt

--ULyIDA2m8JTe+TiX
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQMhBAEBCgELBQJT5BYcBYMB4TOAVhSAAAAAACUAKGlzaXMrc2lnbnN1YmtleUBw
YXR0ZXJuc2ludGhldm9pZC5uZXRGQzYzQUE1Q0QxOTM4NjlDMzIzNzE0NUE1QzE3
Nzc2RTI3RjdFODRESxSAAAAAABoAKGlzaXNAcGF0dGVybnNpbnRoZXZvaWQubmV0
MEE2QTU4QTE0QjU5NDZBQkRFMThFMjA3QTNBREI2N0EyQ0RCOEIzNS4aaHR0cHM6
Ly9ibG9nLnBhdHRlcm5zaW50aGV2b2lkLm5ldC9wb2xpY3kudHh0LJhodHRwczov
L2Jsb2cucGF0dGVybnNpbnRoZXZvaWQubmV0L2lzaXMudHh0AAoJEFwXd24n9+hN
Xa8P/A60+vgetdz1ma9HWIE+ugRqmAvTGnKaeVHrverXK2zp3yUnkE0JjfhCQhoG
92Tbw3csQ+J4f2ebxMQ8EPYBixcUKTQI5DG/lyQasOFOlBOJsJ+yyLhxufrZTbgL
R7QVPJyTO7bAGLfun8szcpziqyHWlySvEE/AgAc7WgYVirGk+a0dvw4u4cHMssih
eyFYhb2V638CJ7Uc7G1kjWp100+X8h3sNShIaRdcLLhxd4cAKhhQoQngB6niWNza
zhwQkBCKGiCLFGDQRpAta40rnI8CpQY+hq34H0iGTRrePnVvyJtVCqX2uGqUjS+v
T68pUEV1jci2Qmr/l/XpKqdTB9vOX7GIhsZOjkvO15uCVjdpWu2R7stYN2TF6t63
sFKq3C/bXI9DWm2Qwnwt9BEWqAYDv7vwQrVHUA7/erGbihoLuGZ4hFXGkR1pSUAf
e/x48zFlmFiyAe1nVs1nwWAsXw9A+EU94Cb3nCyRGq/Bgr7tf7VYXwft+wdjVmql
M8mUpoMbWK2O5eMZ6U5c58cLfo73imuwlnNlRTcyel+wae+GiA8QSyXx3Ud/SKED
IHio+dmbnZOjTYLLGq3vlPPuVNk/A10CJKc1gjCQhmZGpwlma8LikNh7YJOLqgjl
8i+aD8VNuD3f6SGcq20HvcxHTMgEUE2iZ4IOHMYAH2jVhY5j
=71TS
-----END PGP SIGNATURE-----

--ULyIDA2m8JTe+TiX--

--===============3497169739955452275==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============3497169739955452275==--

