#!/bin/bash
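# Print the start time, then take the run lock. The lock is the file
# lockfile.txt in the current directory; a run is considered in progress when
# the first word in that file is "lock".
echo -n "Starting script at: "
date "+%a %d %b %Y - %r"
echo ""
echo "Checking for lockfile:"
# First word of the first non-blank line. The value stays empty when the file
# is missing or unreadable, so no error text leaks into the comparison, and
# the quoted test below cannot break on an empty or multi-word value.
checklock=$(awk 'NF { print $1; exit }' lockfile.txt 2>/dev/null)
if [ "$checklock" == "lock" ]; then
  echo "- Lock file found. Exiting."
  exit
else
  echo "- Lock file not found. Continuing."
fi
echo ""
echo -n "Creating lockfile (sleep 3): "
echo "lock" > lockfile.txt
# Release the lock on any exit from this point on, including an interrupted
# run. Without this, an aborted run leaves lockfile.txt behind and every later
# run stops at the check above, so the hosts file silently stops updating.
# The explicit "rm lockfile.txt" steps later in the script still work; this
# handler then finds nothing left to remove.
trap 'rm -f lockfile.txt' EXIT
sleep 3
echo "DONE"
# NOTE(review): the check and the write above are two separate steps, so two
# runs started at the same moment can both pass the check. If overlapping
# runs are possible, an atomic create (e.g. set -o noclobber) would close
# that window.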
# Verification 1 of 7: reachability of raw.githubusercontent.com.
# The counter starts at zero here and is incremented once per passed check.
# A ping only shows that the host answers ICMP; it says nothing about who is
# answering, which is what the TLS checks that follow are for.
verifications=0
printf '\n'
printf '%s\n' "Checking connectivity to raw(dot)githubusercontent(dot)com:"

# The exact summary fragment that ping prints when all three probes return.
ping_summary="3 packets transmitted, 3 received, 0% packet loss, time "
githubping=$(ping -c 3 -W 2 raw.githubusercontent.com | grep -o "$ping_summary")

if [[ "$githubping" != "$ping_summary" ]]; then
  # Any loss (or a resolver failure) ends the run; release the lock first.
  printf '%s\n' "- Ping failed."
  printf '\n'
  printf '%s' "Removing lockfile (sleep 3): "
  sleep 3
  rm lockfile.txt
  printf '%s\n' "DONE"
  printf '\n'
  printf '%s' "Script exiting (ping failed) at: "
  date "+%a %d %b %Y - %r"
  printf '%s\n' "- Exiting."
  exit
fi

# Show the summary without its trailing ", time " fragment, inside quotes.
printf '%s' "- Ping success: \""
printf '%s' "${githubping/, time /}"
printf '%s\n' "\""
verifications=$((verifications+1))
# Verification 2 of 7: TLS handshake with raw.githubusercontent.com:443.
# s_client gets a single newline on stdin so it returns after the handshake.
# Only two kinds of output line are kept: the "Verify return code: 0 (ok)"
# line and the depth=0 subject line with the expected distinguished name.
#
# NOTE(review): this probe is its own connection. The curl transfers later in
# the script open new connections, so what protects the downloaded bytes is
# curl's own certificate validation, not this check.
# NOTE(review): as invoked here s_client is not given a host name to verify
# (no -verify_hostname), so return code 0 presumably reflects chain
# validation only; confirm against the installed OpenSSL version.
githubssl=$(openssl s_client -connect raw.githubusercontent.com:443 <<< "" 2>&1 \
  | grep -E '^( Verify return code: 0 \(ok\)|depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc[.]", CN = www[.]github[.]com)$')

# The verify line is expected last in the filtered output.
ssl_last_line=${githubssl##*$'\n'}

if [[ "$ssl_last_line" != " Verify return code: 0 (ok)" ]]; then
  # Handshake or chain verification did not succeed; release the lock and stop.
  printf '%s\n' "- SSL connection failed."
  printf '\n'
  printf '%s' "Removing lockfile (sleep 3): "
  sleep 3
  rm lockfile.txt
  printf '%s\n' "DONE"
  printf '\n'
  printf '%s' "Script exiting (SSL connection failed) at: "
  date "+%a %d %b %Y - %r"
  printf '%s\n' "- Exiting."
  exit
fi

# Print the verify line with its first space removed, inside quotes.
printf '%s' "- SSL handshake success: \""
printf '%s' "${ssl_last_line/ /}"
printf '%s\n' "\""
verifications=$((verifications+1))
# Verification 3 of 7: the leaf certificate subject seen during the handshake
# must equal the hard-coded distinguished name below.
#
# NOTE(review): this compares the printed subject text, not a key or a
# certificate fingerprint, so it is a consistency check rather than a pin.
# It also fails whenever the site is reissued a certificate with a different
# subject, at which point the expected string has to be updated by hand.
expected_subject='depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = www.github.com'

# The subject line is expected first in the filtered s_client output.
leaf_subject=${githubssl%%$'\n'*}

if [[ "$leaf_subject" != "$expected_subject" ]]; then
  # Unexpected subject; release the lock and stop before anything is fetched.
  printf '%s\n' "- Certificate details changed."
  printf '\n'
  printf '%s' "Removing lockfile (sleep 3): "
  sleep 3
  rm lockfile.txt
  printf '%s\n' "DONE"
  printf '\n'
  printf '%s' "Script exiting (certificate details changed) at: "
  date "+%a %d %b %Y - %r"
  printf '%s\n' "- Exiting."
  exit
fi

# Display the subject with dots written as "(dot)", except the one in "Inc.".
printf '%s' "- Certificate details match: \""
printf '%s\n' "$leaf_subject" | sed -e 's/\./(dot)/g' -e 's/Inc(dot)/Inc\./' | tr -d "\n"
printf '%s\n' "\""
verifications=$((verifications+1))
#######################################
# Roll back to the previously downloaded hosts file and release the run lock.
# Called by the validation steps when a freshly downloaded file is rejected.
# Globals:   none
# Arguments: none
# Outputs:   progress text, the "Date" and "Extensions" header lines of the
#            restored file, and its SHA256/SHA1/MD5 digests, on stdout
# Side effects: renames old.txt to latest.txt and removes lockfile.txt
#######################################
oldfile() {
  local label_and_tool

  printf '\n%s\n' "Continuing to use old hosts file:"
  printf '%s' "- Moving old file to new file: "
  mv old.txt latest.txt
  sleep 1
  printf '%s\n' "DONE"

  # Header lines 4 and 5 of the restored file, with the comment marker removed.
  printf '%s' "-"
  head -n 4 latest.txt | tail -n 1 | tr -d "#" | grep "Date: "
  printf '%s' "-"
  head -n 5 latest.txt | tail -n 1 | tr -d "#" | grep "Extensions added to this file: "

  # One digest per line, each entry being "<label> <tool>".
  for label_and_tool in "SHA256 sha256sum" "SHA1 sha1sum" "MD5 md5sum"; do
    printf -- '- %s: ' "${label_and_tool%% *}"
    "${label_and_tool##* }" latest.txt | awk '{ print $1 }'
  done

  printf '\n%s' "Removing lockfile (sleep 3): "
  sleep 3
  rm lockfile.txt
  printf '%s\n\n' "DONE"
}
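# Decide whether the published hosts file differs from the local copy, and if
# so download it. The previous copy is kept as old.txt so that the later
# validation steps can roll back through oldfile.
echo ""
echo "Checking for update:"
hosts_url="https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn/hosts"
# -f makes curl return no body on an HTTP error status, so a server error page
# is never hashed or stored as if it were the hosts file.
livehash=$(curl -sf "$hosts_url" | sha256sum | awk '{ print $1 }')
localhash=$(sha256sum latest.txt | awk '{ print $1 }')
# Both operands are quoted so that an empty local hash (latest.txt missing)
# compares as "different" instead of breaking the test expression.
if [ "$livehash" == "$localhash" ]; then
  echo "- No update is available."
  echo -n "- Live file SHA256: "
  echo "$livehash"
  echo -n "- Local file SHA256: "
  echo "$localhash"
  echo ""
  echo "Continuing to use old hosts file:"
  echo "- Not moving old file to new file (new file not downloaded)."
  # Header lines 4-6 of the local file, with the comment marker removed.
  echo -n "-"
  head -n 4 latest.txt | tail -n 1 | tr -d "#" | grep "Date: "
  echo -n "-"
  head -n 5 latest.txt | tail -n 1 | tr -d "#" | grep "Extensions added to this file: "
  echo -n "-"
  head -n 6 latest.txt | tail -n 1 | tr -d "#" | grep "Number of unique domains: "
  echo -n "- SHA256: "
  sha256sum latest.txt | awk '{ print $1 }'
  echo -n "- SHA1: "
  sha1sum latest.txt | awk '{ print $1 }'
  echo -n "- MD5: "
  md5sum latest.txt | awk '{print $1 }'
  echo ""
  echo -n "Removing lockfile (sleep 3): "
  sleep 3
  rm lockfile.txt
  echo "DONE"
  echo ""
  echo -n "Script exiting (no update available) at: "
  date "+%a %d %b %Y - %r"
  echo "- Exiting."
  exit
else
  echo "- An update is available!"
  echo -n "- Live file SHA256: "
  echo "$livehash"
  echo -n "- Local file SHA256: "
  echo "$localhash"
  echo ""
  echo "Updating file:"
  echo -n "- Moving new file to old file: "
  mv latest.txt old.txt
  echo "DONE"
  echo -n "- Downloading new file: "
  curl -sf "$hosts_url" > latest.txt
  sleep 1
  echo "DONE"
  echo -n "- Checking hash against live version:"
  # NOTE(review): livehash and this download come from the same URL over the
  # same channel. A match shows that the two fetches returned identical bytes
  # (no truncation, no change in between); it is not an independent integrity
  # reference for the content. The content checks further down carry that load.
  if [[ "$(sha256sum latest.txt | awk '{ print $1 }')" == "$livehash" ]]; then
    echo " MATCHES"
    echo -n "- Live file SHA256: "
    echo "$livehash"
    echo -n "- Local file SHA256: "
    sha256sum latest.txt | awk '{ print $1 }'
  else
    echo " DOES NOT MATCH"
    echo -n "- Live file SHA256: "
    echo "$livehash"
    echo -n "- Local file SHA256: "
    sha256sum latest.txt | awk '{ print $1 }'
    # Restore the previous file and release the lock before stopping.
    oldfile
    echo -n "Script exiting (hash mismatch) at: "
    date "+%a %d %b %Y - %r"
    echo "- Exiting."
    exit
  fi
fi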
# Verification 4 of 7: every character in the downloaded file must belong to
# the allowed set. The bracket expression below is negated, so it matches any
# character that is NOT on the list.
# NOTE(review): ranges such as a-z and the two non-ASCII letters are matched
# according to the current locale; presumably the script is run under a UTF-8
# locale. Confirm, or pin the locale for this check.
printf '\n'
printf '%s\n' "Checking file integrity:"
printf '%s' "- Verifying character whitelist: "
disallowed="[^][a-zA-Z0-9 #:|=?+%&\*()_;/ @~!źż'\"<>.,\\-]"

if grep -E -q "$disallowed" latest.txt; then
  printf '%s\n' "FAILED"
  # List each offending character once, on a single line, for the log.
  printf '%s' "- Unwhitelisted character(s) found: \""
  fold -w1 latest.txt | sort -u | grep -E "$disallowed" | tr -d "\n"
  printf '%s\n' "\""
  # Reject the download: restore the previous file and release the lock.
  oldfile
  printf '%s' "Script exiting (unwhitelisted characters found) at: "
  date "+%a %d %b %Y - %r"
  printf '%s\n' "- Exiting."
  exit
fi

printf '%s\n' "SUCCESS"
# Show which non-alphanumeric characters actually occur in the file.
printf '%s' "- All whitelisted special characters: \""
fold -w1 latest.txt | sort -u | sed 's/[a-zA-Z0-9]//' | tr -d "\n"
printf '%s\n' "\""
verifications=$((verifications+1))
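# Verification 5 of 7: structural allowlist. Every line of the download must
# match one of the accepted shapes below; whatever is left after removing all
# accepted lines is unexpected content and causes the file to be rejected.
echo -n "- Grep-stripping allowed/safe content from file: "
allowed_line_patterns=(
  # All 0.0.0.0 entries (including xn-- domains as well as erroneous entries).
  # The dots of the address are bracketed so that only the literal sink
  # address 0.0.0.0 is accepted; a bare "." would accept any character in
  # those positions and let other first fields through the allowlist.
  -e '^0[.]0[.]0[.]0 [a-zA-Z0-9._-]{,96}[.][a-z0-9-]{2,20}$'
  # All lines starting with a hash (comments)
  -e '^#.*$'
  # Blank lines
  -e '^$'
  # Lines starting with spaces/multiple tabs
  -e '^( | {32}| | {4}| ? {5})# '
  # Default/system hosts file entries
  -e '^(127[.]0[.]0[.]1 localhost|127[.]0[.]0[.]1 localhost[.]localdomain|127[.]0[.]0[.]1 local|255[.]255[.]255[.]255 broadcasthost|::1 localhost|fe80::1%lo0 localhost|0[.]0[.]0[.]0 0[.]0[.]0[.]0)$'
  # Bits left behind
  -e '^(0[.]0[.]0[.]0 collectionofbestporn|0[.]0[.]0[.]0 sexdating|0[.]0[.]0[.]0 spankbang)$'
)
# One pass over the file: -v drops every line that matches any pattern above.
grepstrip2=$(grep -Ev "${allowed_line_patterns[@]}" latest.txt)
if [[ -z "$grepstrip2" ]]; then
  echo "SUCCESS"
  echo -n "- All content successfully stripped: \""
  printf '%s' "$grepstrip2"
  echo "\""
  verifications=$((verifications+1))
else
  echo "FAILED"
  echo ""
  echo "- Lines left over after filtering (max 20 shown):"
  # Dots are written as "(dot)" so leftover names are not rendered as links.
  printf '%s\n' "$grepstrip2" | sed 's/\./(dot)/g' | head -n 20
  # Reject the download: restore the previous file and release the lock.
  oldfile
  echo -n "Script exiting (grep strip failed) at: "
  date "+%a %d %b %Y - %r"
  echo "- Exiting."
  exit
fi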
# Verification 6 of 7: size floor. A download of 1200000 bytes or fewer is
# treated as truncated or replaced and is rejected.
printf '%s' "- Checking file byte count: "
bytecount=$(wc -c latest.txt | awk '{ print $1 }')

if ! (( $bytecount > 1200000 )); then
  printf '%s\n' "FAILED"
  printf '%s' "- Byte count less than 1200000: \""
  printf '%s' "$bytecount"
  printf '%s\n' "\""
  # Reject the download: restore the previous file and release the lock.
  oldfile
  printf '%s' "Script exiting (not enough bytes) at: "
  date "+%a %d %b %Y - %r"
  printf '%s\n' "- Exiting."
  exit
fi

printf '%s\n' "SUCCESS"
printf '%s' "- Byte count greater than 1200000: \""
printf '%s' "$bytecount"
printf '%s\n' "\""
verifications=$((verifications+1))
# Verification 7 of 7: line-count floor. A download with 50000 lines or fewer
# is treated as incomplete and is rejected.
printf '%s' "- Checking file newline count: "
newlinecount=$(wc -l latest.txt | awk '{ print $1 }')

if ! (( $newlinecount > 50000 )); then
  printf '%s\n' "FAILED"
  printf '%s' "- Newline count less than 50000: \""
  printf '%s' "$newlinecount"
  printf '%s\n' "\""
  # Reject the download: restore the previous file and release the lock.
  oldfile
  printf '%s' "Script exiting (not enough lines) at: "
  date "+%a %d %b %Y - %r"
  printf '%s\n' "- Exiting."
  exit
fi

printf '%s\n' "SUCCESS"
printf '%s' "- Newline count greater than 50000: \""
printf '%s' "$newlinecount"
printf '%s\n' "\""
verifications=$((verifications+1))
# Final gate: the new file is installed only when all seven checks counted.
# Every failed check exits earlier, so the failure branch below is a safety
# net for a miscounted run rather than an expected path.
if [[ "$verifications" != "7" ]]; then
  #Script should never get here
  printf '%s\n' "File verification failed!"
  printf '%s' "- Verification count: \""
  printf '%s' "$verifications"
  printf '%s\n' "\""
  oldfile
  printf '%s' "Script exiting (unknown error) at: "
  date "+%a %d %b %Y - %r"
  printf '%s\n' "- Exiting."
  exit
fi

printf '\n'
printf '%s\n' "***************************"
printf '%s\n' "File successfully verified!"
printf '%s' "- Verification count: \""
printf '%s' "$verifications"
printf '%s\n' "\""
printf '%s\n' "***************************"
printf '\n'

# Same summary for the new and the previous file: header lines 4-6 with the
# comment marker removed, then three digests. Each entry is "<title>|<file>".
for summary in "Using new hosts file:|latest.txt" "Old hosts file:|old.txt"; do
  printf '%s\n' "${summary%%|*}"
  summary_file=${summary#*|}
  header_line=4
  for header_field in "Date: " "Extensions added to this file: " "Number of unique domains: "; do
    printf '%s' "-"
    head -n "$header_line" "$summary_file" | tail -n 1 | tr -d "#" | grep "$header_field"
    header_line=$((header_line + 1))
  done
  for digest in "SHA256 sha256sum" "SHA1 sha1sum" "MD5 md5sum"; do
    printf -- '- %s: ' "${digest%% *}"
    "${digest##* }" "$summary_file" | awk '{ print $1 }'
  done
  printf '\n'
done

# Dots are written as "(dot)" so changed names are not rendered as links.
printf '%s\n' "Diff between both files (max 40 lines shown):"
printf '%s\n' "<--- old - new --->"
diff old.txt latest.txt | sed 's/\./(dot)/g' | head -n 40
printf '\n'

printf '%s\n' "Finalising updated hosts file:"
printf '%s' "- Backing up current hosts file: "
mv current-hosts.txt backup-hosts.txt
sleep 1
printf '%s\n' "DONE"

# Drop the upstream file's own loopback/broadcast entries; this machine's
# entries are prepended below instead.
printf '%s' "- Removing unwanted entries and writing to current-hosts file: "
grep -Ev '^(127[.]0[.]0[.]1 localhost|127[.]0[.]0[.]1 localhost[.]localdomain|127[.]0[.]0[.]1 local|255[.]255[.]255[.]255 broadcasthost|::1 localhost|fe80::1%lo0 localhost|0[.]0[.]0[.]0 0[.]0[.]0[.]0)$' latest.txt > current-hosts.txt
printf '%s\n' "DONE"

# NOTE(review): the date and host name are interpolated into the sed program
# text. Both come from the local system here; if either could ever contain a
# backslash or newline the inserted header would change shape.
# NOTE(review): between the mv above and this point current-hosts.txt is
# absent or incomplete; presumably nothing reads it during a run. Confirm.
printf '%s' "- Prepending default/custom hosts file entries: "
filedate=$(date "+%a %d %b %Y - %r")
filehostname=$(hostname)
sed -i "1 i\#Updated: $filedate\n127.0.0.1 localhost\n127.0.0.1 $filehostname\n" current-hosts.txt
printf '%s\n' "DONE"
# Successful end of the run: release the lock, print the finish time and
# point at the file that was produced.
printf '\n'
printf '%s' "Removing lockfile (sleep 3): "
sleep 3
rm lockfile.txt
printf '%s\n' "DONE"
printf '\n'
printf '%s' "Script finishing (updated successfully) at: "
date "+%a %d %b %Y - %r"
printf '%s\n' "- See output hosts file at \"current-hosts.txt\"."
printf '\n'