|  | @@ -36,9 +36,9 @@ HIDDEN_SERVICE_PATH='/var/lib/tor/hidden_service_'
 | 
	
		
			
			| 36 | 36 |  
 | 
	
		
			
			| 37 | 37 |  function add_email_hostname {
 | 
	
		
			
			| 38 | 38 |      extra_email_hostname="$1"
 | 
	
		
			
			| 39 |  | -    email_hostnames=$(cat /etc/exim4/update-exim4.conf.conf | grep "dc_other_hostnames" | awk -F "'" '{print $2}')
 | 
	
		
			
			|  | 39 | +    email_hostnames=$(grep "dc_other_hostnames" /etc/exim4/update-exim4.conf.conf | awk -F "'" '{print $2}')
 | 
	
		
			
			| 40 | 40 |      if [[ "$email_hostnames" != *"$extra_email_hostname"* ]]; then
 | 
	
		
			
			| 41 |  | -        sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$emailhostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf
 | 
	
		
			
			|  | 41 | +        sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$email_hostnames;extra_email_hostname'|g" /etc/exim4/update-exim4.conf.conf
 | 
	
		
			
			| 42 | 42 |          update-exim4.conf
 | 
	
		
			
			| 43 | 43 |          dpkg-reconfigure --frontend noninteractive exim4-config
 | 
	
		
			
			| 44 | 44 |          systemctl restart saslauthd
 | 
	
	
		
			
			|  | @@ -54,7 +54,7 @@ function wait_for_onion_service_base {
 | 
	
		
			
			| 54 | 54 |      onion_service_name="$1"
 | 
	
		
			
			| 55 | 55 |  
 | 
	
		
			
			| 56 | 56 |      sleep_ctr=0
 | 
	
		
			
			| 57 |  | -    while [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; do
 | 
	
		
			
			|  | 57 | +    while [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; do
 | 
	
		
			
			| 58 | 58 |          sleep 1
 | 
	
		
			
			| 59 | 59 |          sleep_ctr=$((sleep_ctr + 1))
 | 
	
		
			
			| 60 | 60 |          if [ $sleep_ctr -gt 10 ]; then
 | 
	
	
		
			
			|  | @@ -66,12 +66,12 @@ function wait_for_onion_service_base {
 | 
	
		
			
			| 66 | 66 |  function wait_for_onion_service {
 | 
	
		
			
			| 67 | 67 |      onion_service_name="$1"
 | 
	
		
			
			| 68 | 68 |  
 | 
	
		
			
			| 69 |  | -    wait_for_onion_service_base ${onion_service_name}
 | 
	
		
			
			|  | 69 | +    wait_for_onion_service_base "${onion_service_name}"
 | 
	
		
			
			| 70 | 70 |  
 | 
	
		
			
			| 71 |  | -    if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
 | 
	
		
			
			|  | 71 | +    if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
 | 
	
		
			
			| 72 | 72 |          # try a second time
 | 
	
		
			
			| 73 | 73 |          onion_update
 | 
	
		
			
			| 74 |  | -        wait_for_onion_service_base ${onion_service_name}
 | 
	
		
			
			|  | 74 | +        wait_for_onion_service_base "${onion_service_name}"
 | 
	
		
			
			| 75 | 75 |      fi
 | 
	
		
			
			| 76 | 76 |      sync
 | 
	
		
			
			| 77 | 77 |  }
 | 
	
	
		
			
			|  | @@ -87,22 +87,22 @@ function remove_onion_service {
 | 
	
		
			
			| 87 | 87 |      sed -i "/hidden_service_${onion_service_name}/,+1 d" /etc/tor/torrc
 | 
	
		
			
			| 88 | 88 |      sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" /etc/tor/torrc
 | 
	
		
			
			| 89 | 89 |      sed -i "/127.0.0.1:${onion_service_port_to}/d" /etc/tor/torrc
 | 
	
		
			
			| 90 |  | -    if [ $3 ]; then
 | 
	
		
			
			|  | 90 | +    if [ "$3" ]; then
 | 
	
		
			
			| 91 | 91 |          sed -i "/127.0.0.1:${3}/d" /etc/tor/torrc
 | 
	
		
			
			| 92 |  | -        if [ $4 ]; then
 | 
	
		
			
			|  | 92 | +        if [ "$4" ]; then
 | 
	
		
			
			| 93 | 93 |              sed -i "/127.0.0.1:${4}/d" /etc/tor/torrc
 | 
	
		
			
			| 94 |  | -            if [ $5 ]; then
 | 
	
		
			
			|  | 94 | +            if [ "$5" ]; then
 | 
	
		
			
			| 95 | 95 |                  sed -i "/127.0.0.1:${5}/d" /etc/tor/torrc
 | 
	
		
			
			| 96 | 96 |              fi
 | 
	
		
			
			| 97 | 97 |          fi
 | 
	
		
			
			| 98 | 98 |      fi
 | 
	
		
			
			| 99 |  | -    if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name} ]; then
 | 
	
		
			
			| 100 |  | -        shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}/*
 | 
	
		
			
			| 101 |  | -        rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name}
 | 
	
		
			
			|  | 99 | +    if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}" ]; then
 | 
	
		
			
			|  | 100 | +        shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}/*"
 | 
	
		
			
			|  | 101 | +        rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}"
 | 
	
		
			
			| 102 | 102 |      fi
 | 
	
		
			
			| 103 |  | -    if [ -d ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile ]; then
 | 
	
		
			
			| 104 |  | -        shred -zu ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/*
 | 
	
		
			
			| 105 |  | -        rm -rf ${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile
 | 
	
		
			
			|  | 103 | +    if [ -d "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile" ]; then
 | 
	
		
			
			|  | 104 | +        shred -zu "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile/*"
 | 
	
		
			
			|  | 105 | +        rm -rf "${HIDDEN_SERVICE_PATH}${onion_service_name}_mobile"
 | 
	
		
			
			| 106 | 106 |      fi
 | 
	
		
			
			| 107 | 107 |      remove_completion_param "${onion_service_name} onion domain"
 | 
	
		
			
			| 108 | 108 |      onion_update
 | 
	
	
		
			
			|  | @@ -114,8 +114,8 @@ function add_onion_service {
 | 
	
		
			
			| 114 | 114 |      onion_service_port_to=$3
 | 
	
		
			
			| 115 | 115 |      onion_stealth_name="$4"
 | 
	
		
			
			| 116 | 116 |  
 | 
	
		
			
			| 117 |  | -    if [ -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
 | 
	
		
			
			| 118 |  | -        echo $(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname)
 | 
	
		
			
			|  | 117 | +    if [ -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
 | 
	
		
			
			|  | 118 | +        cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
 | 
	
		
			
			| 119 | 119 |          USE_V2_ONION_ADDRESS=
 | 
	
		
			
			| 120 | 120 |          return
 | 
	
		
			
			| 121 | 121 |      fi
 | 
	
	
		
			
			|  | @@ -143,20 +143,20 @@ function add_onion_service {
 | 
	
		
			
			| 143 | 143 |      onion_update
 | 
	
		
			
			| 144 | 144 |  
 | 
	
		
			
			| 145 | 145 |      function_check wait_for_onion_service
 | 
	
		
			
			| 146 |  | -    wait_for_onion_service ${onion_service_name}
 | 
	
		
			
			|  | 146 | +    wait_for_onion_service "${onion_service_name}"
 | 
	
		
			
			| 147 | 147 |  
 | 
	
		
			
			| 148 |  | -    if [ ! -f ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname ]; then
 | 
	
		
			
			| 149 |  | -        ls -lh ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname
 | 
	
		
			
			|  | 148 | +    if [ ! -f "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname" ]; then
 | 
	
		
			
			|  | 149 | +        ls -lh "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname"
 | 
	
		
			
			| 150 | 150 |          echo $"${onion_service_name} onion site hostname not found"
 | 
	
		
			
			| 151 | 151 |          exit 763624
 | 
	
		
			
			| 152 | 152 |      fi
 | 
	
		
			
			| 153 | 153 |  
 | 
	
		
			
			| 154 |  | -    onion_address=$(cat ${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname)
 | 
	
		
			
			|  | 154 | +    onion_address=$(cat "${HIDDEN_SERVICE_PATH}${onion_service_name}/hostname")
 | 
	
		
			
			| 155 | 155 |  
 | 
	
		
			
			| 156 | 156 |      # Record the domain in the completion file
 | 
	
		
			
			| 157 | 157 |      set_completion_param "${onion_service_name} onion domain" "${onion_address}"
 | 
	
		
			
			| 158 | 158 |  
 | 
	
		
			
			| 159 |  | -    echo $onion_address
 | 
	
		
			
			|  | 159 | +    echo "$onion_address"
 | 
	
		
			
			| 160 | 160 |  }
 | 
	
		
			
			| 161 | 161 |  
 | 
	
		
			
			| 162 | 162 |  function set_default_onion_domains {
 | 
	
	
		
			
			|  | @@ -184,19 +184,19 @@ function create_avahi_onion_domains {
 | 
	
		
			
			| 184 | 184 |      fi
 | 
	
		
			
			| 185 | 185 |      if [ $GNUSOCIAL_DOMAIN_NAME ]; then
 | 
	
		
			
			| 186 | 186 |          function_check create_avahi_service
 | 
	
		
			
			| 187 |  | -        create_avahi_service gnusocial http tcp $GNUSOCIAL_ONION_PORT
 | 
	
		
			
			|  | 187 | +        create_avahi_service gnusocial http tcp "$GNUSOCIAL_ONION_PORT"
 | 
	
		
			
			| 188 | 188 |      fi
 | 
	
		
			
			| 189 | 189 |      if [ $HTMLY_DOMAIN_NAME ]; then
 | 
	
		
			
			| 190 | 190 |          function_check create_avahi_service
 | 
	
		
			
			| 191 |  | -        create_avahi_service blog http tcp $HTMLY_ONION_PORT
 | 
	
		
			
			|  | 191 | +        create_avahi_service blog http tcp "$HTMLY_ONION_PORT"
 | 
	
		
			
			| 192 | 192 |      fi
 | 
	
		
			
			| 193 | 193 |      if [ $GIT_DOMAIN_NAME ]; then
 | 
	
		
			
			| 194 | 194 |          function_check create_avahi_service
 | 
	
		
			
			| 195 |  | -        create_avahi_service git http tcp $GIT_ONION_PORT
 | 
	
		
			
			|  | 195 | +        create_avahi_service git http tcp "$GIT_ONION_PORT"
 | 
	
		
			
			| 196 | 196 |      fi
 | 
	
		
			
			| 197 | 197 |      if [ $DOKUWIKI_DOMAIN_NAME ]; then
 | 
	
		
			
			| 198 | 198 |          function_check create_avahi_service
 | 
	
		
			
			| 199 |  | -        create_avahi_service dokuwiki http tcp $DOKUWIKI_ONION_PORT
 | 
	
		
			
			|  | 199 | +        create_avahi_service dokuwiki http tcp "$DOKUWIKI_ONION_PORT"
 | 
	
		
			
			| 200 | 200 |      fi
 | 
	
		
			
			| 201 | 201 |  }
 | 
	
		
			
			| 202 | 202 |  
 | 
	
	
		
			
			|  | @@ -204,16 +204,16 @@ function allow_ssh_to_onion_address {
 | 
	
		
			
			| 204 | 204 |      if [[ $SYSTEM_TYPE == "mesh"* ]]; then
 | 
	
		
			
			| 205 | 205 |          return
 | 
	
		
			
			| 206 | 206 |      fi
 | 
	
		
			
			| 207 |  | -    if [ ! -d /home/$MY_USERNAME/.ssh ]; then
 | 
	
		
			
			| 208 |  | -        mkdir /home/$MY_USERNAME/.ssh
 | 
	
		
			
			|  | 207 | +    if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
 | 
	
		
			
			|  | 208 | +        mkdir "/home/$MY_USERNAME/.ssh"
 | 
	
		
			
			| 209 | 209 |      fi
 | 
	
		
			
			| 210 | 210 |      if [ ! -d /etc/tor ]; then
 | 
	
		
			
			| 211 | 211 |          echo $'Tor not found when updating ssh'
 | 
	
		
			
			| 212 | 212 |          exit 528257
 | 
	
		
			
			| 213 | 213 |      fi
 | 
	
		
			
			| 214 |  | -    if ! grep -q "onion" /home/$MY_USERNAME/.ssh/config; then
 | 
	
		
			
			| 215 |  | -        echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config
 | 
	
		
			
			| 216 |  | -        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config
 | 
	
		
			
			|  | 214 | +    if ! grep -q "onion" "/home/$MY_USERNAME/.ssh/config"; then
 | 
	
		
			
			|  | 215 | +        echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
 | 
	
		
			
			|  | 216 | +        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
 | 
	
		
			
			| 217 | 217 |      fi
 | 
	
		
			
			| 218 | 218 |  }
 | 
	
		
			
			| 219 | 219 |  
 | 
	
	
		
			
			|  | @@ -225,14 +225,14 @@ function enable_ssh_via_onion {
 | 
	
		
			
			| 225 | 225 |          return
 | 
	
		
			
			| 226 | 226 |      fi
 | 
	
		
			
			| 227 | 227 |      apt-get -yq install tor connect-proxy
 | 
	
		
			
			| 228 |  | -    if ! grep -q 'Host *.onion' /home/$MY_USERNAME/.ssh/config; then
 | 
	
		
			
			| 229 |  | -        if [ ! -d /home/$MY_USERNAME/.ssh ]; then
 | 
	
		
			
			| 230 |  | -            mkdir /home/$MY_USERNAME/.ssh
 | 
	
		
			
			|  | 228 | +    if ! grep -q 'Host *.onion' "/home/$MY_USERNAME/.ssh/config"; then
 | 
	
		
			
			|  | 229 | +        if [ ! -d "/home/$MY_USERNAME/.ssh" ]; then
 | 
	
		
			
			|  | 230 | +            mkdir "/home/$MY_USERNAME/.ssh"
 | 
	
		
			
			| 231 | 231 |          fi
 | 
	
		
			
			| 232 |  | -        echo 'Host *.onion' >> /home/$MY_USERNAME/.ssh/config
 | 
	
		
			
			| 233 |  | -        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> /home/$MY_USERNAME/.ssh/config
 | 
	
		
			
			| 234 |  | -        chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
 | 
	
		
			
			| 235 |  | -        chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh/config
 | 
	
		
			
			|  | 232 | +        echo 'Host *.onion' >> "/home/$MY_USERNAME/.ssh/config"
 | 
	
		
			
			|  | 233 | +        echo 'ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p' >> "/home/$MY_USERNAME/.ssh/config"
 | 
	
		
			
			|  | 234 | +        chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh"
 | 
	
		
			
			|  | 235 | +        chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.ssh/config"
 | 
	
		
			
			| 236 | 236 |      fi
 | 
	
		
			
			| 237 | 237 |      if ! grep -q 'Host *.onion' /root/.ssh/config; then
 | 
	
		
			
			| 238 | 238 |          if [ ! -d /root/.ssh ]; then
 | 
	
	
		
			
			|  | @@ -259,7 +259,7 @@ function configure_ssh_onion {
 | 
	
		
			
			| 259 | 259 |          return
 | 
	
		
			
			| 260 | 260 |      fi
 | 
	
		
			
			| 261 | 261 |  
 | 
	
		
			
			| 262 |  | -    SSH_ONION_HOSTNAME=$(add_onion_service ssh ${SSH_PORT} ${SSH_PORT})
 | 
	
		
			
			|  | 262 | +    SSH_ONION_HOSTNAME=$(add_onion_service ssh "${SSH_PORT}" "${SSH_PORT}")
 | 
	
		
			
			| 263 | 263 |      if [[ "$SSH_ONION_HOSTNAME" != *'.onion' ]]; then
 | 
	
		
			
			| 264 | 264 |          echo $'ssh onion site not generated'
 | 
	
		
			
			| 265 | 265 |          exit 624128
 | 
	
	
		
			
			|  | @@ -313,9 +313,9 @@ function resolve_dns_via_tor {
 | 
	
		
			
			| 313 | 313 |  
 | 
	
		
			
			| 314 | 314 |      # resolve DNS via tor
 | 
	
		
			
			| 315 | 315 |      if ! grep -q 'DNSPort 53' /etc/tor/torrc; then
 | 
	
		
			
			| 316 |  | -        echo 'DNSPort 53' >> /etc/tor/torrc
 | 
	
		
			
			| 317 |  | -        echo 'AutomapHostsOnResolve 1' >> /etc/tor/torrc
 | 
	
		
			
			| 318 |  | -        echo 'AutomapHostsSuffixes .exit,.onion' >> /etc/tor/torrc
 | 
	
		
			
			|  | 316 | +        { echo 'DNSPort 53';
 | 
	
		
			
			|  | 317 | +          echo 'AutomapHostsOnResolve 1';
 | 
	
		
			
			|  | 318 | +          echo 'AutomapHostsSuffixes .exit,.onion'; } >> /etc/tor/torrc
 | 
	
		
			
			| 319 | 319 |          onion_update
 | 
	
		
			
			| 320 | 320 |      fi
 | 
	
		
			
			| 321 | 321 |  
 | 
	
	
		
			
			|  | @@ -361,8 +361,8 @@ function route_outgoing_traffic_through_tor {
 | 
	
		
			
			| 361 | 361 |  
 | 
	
		
			
			| 362 | 362 |      # Allow clearnet access for hosts in $_non_tor
 | 
	
		
			
			| 363 | 363 |      for _clearnet in $_non_tor; do
 | 
	
		
			
			| 364 |  | -        iptables -t nat -A OUTPUT -d $_clearnet -j RETURN
 | 
	
		
			
			| 365 |  | -        iptables -t nat -A PREROUTING -i $_int_if -d $_clearnet -j RETURN
 | 
	
		
			
			|  | 364 | +        iptables -t nat -A OUTPUT -d "$_clearnet" -j RETURN
 | 
	
		
			
			|  | 365 | +        iptables -t nat -A PREROUTING -i $_int_if -d "$_clearnet" -j RETURN
 | 
	
		
			
			| 366 | 366 |      done
 | 
	
		
			
			| 367 | 367 |  
 | 
	
		
			
			| 368 | 368 |      # Redirect all other pre-routing and output to Tor
 | 
	
	
		
			
			|  | @@ -375,7 +375,7 @@ function route_outgoing_traffic_through_tor {
 | 
	
		
			
			| 375 | 375 |  
 | 
	
		
			
			| 376 | 376 |      # Allow clearnet access for hosts in $_non_tor
 | 
	
		
			
			| 377 | 377 |      for _clearnet in $_non_tor 127.0.0.0/8; do
 | 
	
		
			
			| 378 |  | -        iptables -A OUTPUT -d $_clearnet -j ACCEPT
 | 
	
		
			
			|  | 378 | +        iptables -A OUTPUT -d "$_clearnet" -j ACCEPT
 | 
	
		
			
			| 379 | 379 |      done
 | 
	
		
			
			| 380 | 380 |  
 | 
	
		
			
			| 381 | 381 |      # Allow only Tor output
 | 
	
	
		
			
			|  | @@ -438,9 +438,9 @@ function get_app_onion_address {
 | 
	
		
			
			| 438 | 438 |      if [ ${#mobilestr} -gt 0 ]; then
 | 
	
		
			
			| 439 | 439 |          app_name="mobile${app_name}"
 | 
	
		
			
			| 440 | 440 |      fi
 | 
	
		
			
			| 441 |  | -    if grep -q "${app_name} onion domain" $COMPLETION_FILE; then
 | 
	
		
			
			| 442 |  | -        if grep -q "${app_name} onion domain" $COMPLETION_FILE; then
 | 
	
		
			
			| 443 |  | -            echo $(cat ${COMPLETION_FILE} | grep "${app_name} onion domain" | head -n 1 | awk -F ':' '{print $2}')
 | 
	
		
			
			|  | 441 | +    if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
 | 
	
		
			
			|  | 442 | +        if grep -q "${app_name} onion domain" "$COMPLETION_FILE"; then
 | 
	
		
			
			|  | 443 | +            grep "${app_name} onion domain" "${COMPLETION_FILE}" | head -n 1 | awk -F ':' '{print $2}'
 | 
	
		
			
			| 444 | 444 |              return
 | 
	
		
			
			| 445 | 445 |          fi
 | 
	
		
			
			| 446 | 446 |      fi
 | 
	
	
		
			
			|  | @@ -521,7 +521,7 @@ function tor_remove_bridge {
 | 
	
		
			
			| 521 | 521 |  function tor_create_bridge_relay {
 | 
	
		
			
			| 522 | 522 |      read_config_param 'TOR_BRIDGE_PORT'
 | 
	
		
			
			| 523 | 523 |      read_config_param 'TOR_BRIDGE_NICKNAME'
 | 
	
		
			
			| 524 |  | -    if [ ! $TOR_BRIDGE_PORT ]; then
 | 
	
		
			
			|  | 524 | +    if [ ! "$TOR_BRIDGE_PORT" ]; then
 | 
	
		
			
			| 525 | 525 |          return
 | 
	
		
			
			| 526 | 526 |      fi
 | 
	
		
			
			| 527 | 527 |      if [ ${#TOR_BRIDGE_PORT} -eq 0 ]; then
 | 
	
	
		
			
			|  | @@ -548,11 +548,11 @@ function tor_create_bridge_relay {
 | 
	
		
			
			| 548 | 548 |      read_config_param 'MY_EMAIL_ADDRESS'
 | 
	
		
			
			| 549 | 549 |  
 | 
	
		
			
			| 550 | 550 |      sed -i "s|#ContactInfo.*|ContactInfo $MY_EMAIL_ADDRESS|g" /etc/tor/torrc
 | 
	
		
			
			| 551 |  | -    if [ $TOR_BRIDGE_NICKNAME ]; then
 | 
	
		
			
			|  | 551 | +    if [ "$TOR_BRIDGE_NICKNAME" ]; then
 | 
	
		
			
			| 552 | 552 |          sed -i "s|#Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
 | 
	
		
			
			| 553 | 553 |          sed -i "s|Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
 | 
	
		
			
			| 554 | 554 |      fi
 | 
	
		
			
			| 555 |  | -    firewall_add tor_bridge $TOR_BRIDGE_PORT tcp
 | 
	
		
			
			|  | 555 | +    firewall_add tor_bridge "$TOR_BRIDGE_PORT" tcp
 | 
	
		
			
			| 556 | 556 |      systemctl restart tor
 | 
	
		
			
			| 557 | 557 |  }
 | 
	
		
			
			| 558 | 558 |  
 | 
	
	
		
			
			|  | @@ -573,7 +573,7 @@ function tor_remove_bridge_relay {
 | 
	
		
			
			| 573 | 573 |          sed -i "s|Nickname |#Nickname |g" /etc/tor/torrc
 | 
	
		
			
			| 574 | 574 |      fi
 | 
	
		
			
			| 575 | 575 |      read_config_param 'TOR_BRIDGE_PORT'
 | 
	
		
			
			| 576 |  | -    firewall_remove $TOR_BRIDGE_PORT tcp
 | 
	
		
			
			|  | 576 | +    firewall_remove "$TOR_BRIDGE_PORT" tcp
 | 
	
		
			
			| 577 | 577 |      systemctl restart tor
 | 
	
		
			
			| 578 | 578 |  }
 | 
	
		
			
			| 579 | 579 |  
 |