koonix · February 27, 2022 21:02
diff --git a/circumvent.sh b/circumvent.sh
 #!/bin/sh
 # download, configure and start the psiphon proxy client.
 # requires curl, aria2, libnotify (optional).

 # Config
 # ==========
 # ports
 SOCKS_PORT=9050
 HTTP_PORT=8585
 #
 # where to put the psiphon binary and configs
 DATA_DIR=~/.local/share/circumvent
 #
 # psiphon-client's github path
 REPO=Psiphon-Labs/psiphon-tunnel-core-binaries # name of the github repository
 REPO_FILE_PATH=linux/psiphon-tunnel-core-x86_64 # REPO_FILE_PATH of the file in the repository
 #
 # name of psiphon's binary
 BINARY_NAME=psiphon-client
 # ==========

 main() {
    unset VERBOSE
    case $1 in -v|--verbose) VERBOSE=true ;; esac
    wait_for_internet
    check_for_updates
    gen_psiphon_configs
    start_psiphon
 }

 # if NetworkManager is available, use it to wait until we have internet
 wait_for_internet() {
    if command -v nmcli >/dev/null && pidof -q NetworkManager; then
        echo waiting for internet connectivity...
        while :; do
            case $(nmcli -g general.ip4-connectivity dev show) in *full*) break ;; esac
            sleep 30
        done
    fi
 }

 # start psiphon
 start_psiphon() {
    echo starting "$BINARY_NAME"...
    pidof -qx "$BINARY_NAME" && die "another instance of $BINARY_NAME is running."
    trap 'echo exiting...; pkill -P$$' HUP INT TERM
    "$DATA_DIR/$BINARY_NAME" -config "$DATA_DIR"/config -dataRootDirectory "$DATA_DIR" 2>&1 |
        while IFS= read -r line; do
            [ "$VERBOSE" = true ] && printf '%s\n' "$line"
            case $line in
            *Tunnels*)
                curl -s --socks5 localhost:$SOCKS_PORT ping.archlinux.org >/dev/null && {
                    echo "$BINARY_NAME" connected.
                    notify-send Circumvent Connected.
                }
            ;;
            *PortInUse*)
                die "one of the ports ($SOCKS_PORT, $HTTP_PORT) is in use, probably by Tor."
            ;;
            esac
    done &
    echo "$BINARY_NAME" started, connecting...
    wait
 }

 # update psiphon if a newer version is available
 check_for_updates() {
    echo checking for updates...
    apiurl="https://api.github.com/repos/$REPO/commits?path=$(echo "$REPO_FILE_PATH" | sed 's|/|%2F|g')&page=1&per_page=1"
    lastcommit=$(curl -fsL "$apiurl" | grep -m1 '^\s\+"date":' | cut -d\" -f4 | xargs -r date +%s -d)
    filebirth=$(stat -c%W "$DATA_DIR/$BINARY_NAME")
    if [ ! -f "$DATA_DIR/$BINARY_NAME" ] || [ "$lastcommit" -gt "$filebirth" ]; then
        echo "a new commit at $lastcommit is newer than $BINARY_NAME's birth at $filebirth."
        update
    fi
    chmod 755 "$DATA_DIR/$BINARY_NAME"
 }

 update() {
    echo updating...
    url="https://raw.githubusercontent.com/$REPO/master/$REPO_FILE_PATH"
    mkdir -p "$DATA_DIR" || die "couldn't make directory $DATA_DIR."
    aria2c -k1M -x5 -d"$DATA_DIR" -o"$BINARY_NAME.new" "$url" &&
        mv "$DATA_DIR/$BINARY_NAME.new" "$DATA_DIR/$BINARY_NAME"
 }

 die() {
    echo "Error: $*"
    notify-send Circumvent "Error: $*"
    exit 1
 }

 # generate psiphon's config file
 gen_psiphon_configs() {
    echo writing the config file...
    cat << eof > "$DATA_DIR"/config || die "failed to write psiphon's config."
 {
    "LocalHttpProxyPort": $HTTP_PORT,
    "LocalSocksProxyPort": $SOCKS_PORT,
    "SponsorId": "FFFFFFFFFFFFFFFF",
    "PropagationChannelId": "FFFFFFFFFFFFFFFF",
    "RemoteServerListSignaturePublicKey": "MIICIDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEAt7Ls+/39r+T6zNW7GiVpJfzq/xvL9SBH5rIFnk0RXYEYavax3WS6HOD35eTAqn8AniOwiH+DOkvgSKF2caqk/y1dfq47Pdymtwzp9ikpB1C5OfAysXzBiwVJlCdajBKvBZDerV1cMvRzCKvKwRmvDmHgphQQ7WfXIGbRbmmk6opMBh3roE42KcotLFtqp0RRwLtcBRNtCdsrVsjiI1Lqz/lH+T61sGjSjQ3CHMuZYSQJZo/KrvzgQXpkaCTdbObxHqb6/+i1qaVOfEsvjoiyzTxJADvSytVtcTjijhPEV6XskJVHE1Zgl+7rATr/pDQkw6DPCNBS1+Y6fy7GstZALQXwEDN/qhQI9kWkHijT8ns+i1vGg00Mk/6J75arLhqcodWsdeG/M/moWgqQAnlZAGVtJI1OgeF5fsPpXu4kctOfuZlGjVZXQNW34aOzm8r8S0eVZitPlbhcPiR4gT/aSMz/wd8lZlzZYsje/Jr8u/YtlwjjreZrGRmG8KMOzukV3lLmMppXFMvl4bxv6YFEmIuTsOhbLTwFgh7KYNjodLj/LsqRVfwz31PgWQFTEPICV7GCvgVlPRxnofqKSjgTWI4mxDhBpVcATvaoBl1L/6WLbFvBsoAUBItWwctO2xalKxF5szhGm8lccoc5MZr8kfE0uxMgsxz4er68iCID+rsCAQM=",
    "RemoteServerListURLs": [
        {
          "URL": "aHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL3BzaXBob24vd2ViL213NHotYTJreC0wd2J6L3NlcnZlcl9saXN0X2NvbXByZXNzZWQ=",
          "OnlyAfterAttempts": 0,
          "SkipVerify": false
        },
        {
          "URL": "aHR0cHM6Ly93d3cuY29ycG9yYXRlaGlyZXByZXNzdGguY29tL3dlYi9tdzR6LWEya3gtMHdiei9zZXJ2ZXJfbGlzdF9jb21wcmVzc2Vk",
          "OnlyAfterAttempts": 2,
          "SkipVerify": true
        },
        {
          "URL": "aHR0cHM6Ly93d3cuc3RvcmFnZWpzc3RyYXRlZ2llc2ZhYnVsb3VzLmNvbS93ZWIvbXc0ei1hMmt4LTB3Ynovc2VydmVyX2xpc3RfY29tcHJlc3NlZA==",
          "OnlyAfterAttempts": 2,
          "SkipVerify": true
        },
        {
          "URL": "aHR0cHM6Ly93d3cuYnJhbmRpbmd1c2FnYW1lcmVwLmNvbS93ZWIvbXc0ei1hMmt4LTB3Ynovc2VydmVyX2xpc3RfY29tcHJlc3NlZA==",
          "OnlyAfterAttempts": 2,
          "SkipVerify": true
        }
    ]
 }
 eof
 }

 main "$@"
	#!/bin/sh
	# download, configure and start the psiphon proxy client.
	# requires curl, aria2, libnotify (optional).

	# Config
	# ==========
	# ports
	SOCKS_PORT=9050
	HTTP_PORT=8585
	#
	# where to put the psiphon binary and configs
	DATA_DIR=~/.local/share/circumvent
	#
	# psiphon-client's github path
	REPO=Psiphon-Labs/psiphon-tunnel-core-binaries # name of the github repository
	REPO_FILE_PATH=linux/psiphon-tunnel-core-x86_64 # REPO_FILE_PATH of the file in the repository
	#
	# name of psiphon's binary
	BINARY_NAME=psiphon-client
	# ==========

	main() {
	unset VERBOSE
	case $1 in -v\|--verbose) VERBOSE=true ;; esac
	wait_for_internet
	check_for_updates
	gen_psiphon_configs
	start_psiphon
	}

	# if NetworkManager is available, use it to wait until we have internet
	wait_for_internet() {
	if command -v nmcli >/dev/null && pidof -q NetworkManager; then
	echo waiting for internet connectivity...
	while :; do
	case $(nmcli -g general.ip4-connectivity dev show) in full) break ;; esac
	sleep 30
	done
	fi
	}

	# start psiphon
	start_psiphon() {
	echo starting "$BINARY_NAME"...
	pidof -qx "$BINARY_NAME" && die "another instance of $BINARY_NAME is running."
	trap 'echo exiting...; pkill -P$$' HUP INT TERM
	"$DATA_DIR/$BINARY_NAME" -config "$DATA_DIR"/config -dataRootDirectory "$DATA_DIR" 2>&1 \|
	while IFS= read -r line; do
	[ "$VERBOSE" = true ] && printf '%s\n' "$line"
	case $line in
	Tunnels)
	curl -s --socks5 localhost:$SOCKS_PORT ping.archlinux.org >/dev/null && {
	echo "$BINARY_NAME" connected.
	notify-send Circumvent Connected.
	}
	;;
	PortInUse)
	die "one of the ports ($SOCKS_PORT, $HTTP_PORT) is in use, probably by Tor."
	;;
	esac
	done &
	echo "$BINARY_NAME" started, connecting...
	wait
	}

	# update psiphon if a newer version is available
	check_for_updates() {
	echo checking for updates...
	apiurl="https://api.github.com/repos/$REPO/commits?path=$(echo "$REPO_FILE_PATH" \| sed 's\|/\|%2F\|g')&page=1&per_page=1"
	lastcommit=$(curl -fsL "$apiurl" \| grep -m1 '^\s\+"date":' \| cut -d\" -f4 \| xargs -r date +%s -d)
	filebirth=$(stat -c%W "$DATA_DIR/$BINARY_NAME")
	if [ ! -f "$DATA_DIR/$BINARY_NAME" ] \|\| [ "$lastcommit" -gt "$filebirth" ]; then
	echo "a new commit at $lastcommit is newer than $BINARY_NAME's birth at $filebirth."
	update
	fi
	chmod 755 "$DATA_DIR/$BINARY_NAME"
	}

	update() {
	echo updating...
	url="https://raw.githubusercontent.com/$REPO/master/$REPO_FILE_PATH"
	mkdir -p "$DATA_DIR" \|\| die "couldn't make directory $DATA_DIR."
	aria2c -k1M -x5 -d"$DATA_DIR" -o"$BINARY_NAME.new" "$url" &&
	mv "$DATA_DIR/$BINARY_NAME.new" "$DATA_DIR/$BINARY_NAME"
	}

	die() {
	echo "Error: $*"
	notify-send Circumvent "Error: $*"
	exit 1
	}

	# generate psiphon's config file
	gen_psiphon_configs() {
	echo writing the config file...
	cat << eof > "$DATA_DIR"/config \|\| die "failed to write psiphon's config."
	{
	"LocalHttpProxyPort": $HTTP_PORT,
	"LocalSocksProxyPort": $SOCKS_PORT,
	"SponsorId": "FFFFFFFFFFFFFFFF",
	"PropagationChannelId": "FFFFFFFFFFFFFFFF",
	"RemoteServerListSignaturePublicKey": "MIICIDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEAt7Ls+/39r+T6zNW7GiVpJfzq/xvL9SBH5rIFnk0RXYEYavax3WS6HOD35eTAqn8AniOwiH+DOkvgSKF2caqk/y1dfq47Pdymtwzp9ikpB1C5OfAysXzBiwVJlCdajBKvBZDerV1cMvRzCKvKwRmvDmHgphQQ7WfXIGbRbmmk6opMBh3roE42KcotLFtqp0RRwLtcBRNtCdsrVsjiI1Lqz/lH+T61sGjSjQ3CHMuZYSQJZo/KrvzgQXpkaCTdbObxHqb6/+i1qaVOfEsvjoiyzTxJADvSytVtcTjijhPEV6XskJVHE1Zgl+7rATr/pDQkw6DPCNBS1+Y6fy7GstZALQXwEDN/qhQI9kWkHijT8ns+i1vGg00Mk/6J75arLhqcodWsdeG/M/moWgqQAnlZAGVtJI1OgeF5fsPpXu4kctOfuZlGjVZXQNW34aOzm8r8S0eVZitPlbhcPiR4gT/aSMz/wd8lZlzZYsje/Jr8u/YtlwjjreZrGRmG8KMOzukV3lLmMppXFMvl4bxv6YFEmIuTsOhbLTwFgh7KYNjodLj/LsqRVfwz31PgWQFTEPICV7GCvgVlPRxnofqKSjgTWI4mxDhBpVcATvaoBl1L/6WLbFvBsoAUBItWwctO2xalKxF5szhGm8lccoc5MZr8kfE0uxMgsxz4er68iCID+rsCAQM=",
	"RemoteServerListURLs": [
	{
	"URL": "aHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL3BzaXBob24vd2ViL213NHotYTJreC0wd2J6L3NlcnZlcl9saXN0X2NvbXByZXNzZWQ=",
	"OnlyAfterAttempts": 0,
	"SkipVerify": false
	},
	{
	"URL": "aHR0cHM6Ly93d3cuY29ycG9yYXRlaGlyZXByZXNzdGguY29tL3dlYi9tdzR6LWEya3gtMHdiei9zZXJ2ZXJfbGlzdF9jb21wcmVzc2Vk",
	"OnlyAfterAttempts": 2,
	"SkipVerify": true
	},
	{
	"URL": "aHR0cHM6Ly93d3cuc3RvcmFnZWpzc3RyYXRlZ2llc2ZhYnVsb3VzLmNvbS93ZWIvbXc0ei1hMmt4LTB3Ynovc2VydmVyX2xpc3RfY29tcHJlc3NlZA==",
	"OnlyAfterAttempts": 2,
	"SkipVerify": true
	},
	{
	"URL": "aHR0cHM6Ly93d3cuYnJhbmRpbmd1c2FnYW1lcmVwLmNvbS93ZWIvbXc0ei1hMmt4LTB3Ynovc2VydmVyX2xpc3RfY29tcHJlc3NlZA==",
	"OnlyAfterAttempts": 2,
	"SkipVerify": true
	}
	]
	}
	eof
	}

	main "$@"