From 9528ed10ef683a1a620d540397450e32faf4730e Mon Sep 17 00:00:00 2001 From: nervuri Date: Sun, 10 Sep 2023 15:29:51 +0000 Subject: [PATCH] make it clear that torsocks is no longer optional --- README.md | 2 +- get-certs.sh | 5 +++-- main.sh | 9 +++------ 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 591e9e8..c47bbf0 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ To install them in Debian, run: `sudo apt install openssl idn torsocks` and `pip `./main.sh` will run all scripts. For the [trust stores repo](https://tildegit.org/nervuri/trust-stores), I use `time ./main.sh >log-stdout 2>log-stderr`. For 893 hosts, the command takes around 80 minutes to complete with Tor verification and 45 minutes without. -`get-certs.sh` accepts `tor` as an optional argument, to double-check certificates using the Tor network. If you have `torsocks` installed, this option will automatically be used when you run `./main.sh`. +`get-certs.sh` accepts `tor` as an optional argument, to double-check certificates using the Tor network. This option will automatically be used when you run `./main.sh`. All trust store generators accept certificate expiry boundaries as arguments. Ex: diff --git a/get-certs.sh b/get-certs.sh index 62f8420..44663a6 100755 --- a/get-certs.sh +++ b/get-certs.sh @@ -90,8 +90,9 @@ while read -r host; do >&2 echo "$host_and_port - connection failed" fi - # If "tor" option is used, then connect again via Tor, - # to check if we get the same cert from a different network perspective. + # If the "tor" option is used and the current host is not an onion + # service, then connect again via Tor, to check if we get the same + # cert from a different network perspective. mismatch=0 if [ "${1:-}" = 'tor' ] && [ -n "${host##*.onion}" ]; then diff --git a/main.sh b/main.sh index 487a583..d24656c 100755 --- a/main.sh +++ b/main.sh 
@@ -20,7 +20,8 @@ if ! command -v agunua >/dev/null; then exit 1 fi if ! command -v torsocks >/dev/null; then - >&2 echo '"torsocks" not installed! [optional]' + >&2 echo '"torsocks" not installed! [required]' + exit 1 fi # Go where this script is. @@ -32,11 +33,7 @@ echo '=== get hosts ===' ./get-hosts.sh echo '=== get certs ===' -if command -v torsocks >/dev/null; then - ./get-certs.sh tor -else - ./get-certs.sh -fi +./get-certs.sh tor echo '=== prune old certs ===' ./prune-old-certs.sh
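Review bot: The preflight in the first main.sh hunk only proves that the `torsocks` binary is on PATH, not that a Tor daemon is running and reachable, while the second hunk now calls `./get-certs.sh tor` unconditionally. How get-certs.sh handles a failed Tor connection is outside this diff, so confirm that it is reported distinctly and not left as `mismatch=0`, because otherwise the cross-network check is silently skipped whenever Tor is down. A comment above the call would record the dependency, for example `# torsocks is enforced above; a running Tor daemon is still required for the second fetch`. The README context line still quotes a run time of 45 minutes "without" Tor verification, which `./main.sh` can no longer produce after this change.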