filippodb
/
LocalCDN-Firefox-Chrome-Brave
mirror of https://codeberg.org/nobody/LocalCDN.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Updated: audit.sh

This commit is contained in:
nobody 2021-03-11 06:34:29 +01:00
parent 1d7b7242c0
commit ff8a1d01f2
No known key found for this signature in database
GPG Key ID: 8F6DE3D614FCFD7A
1 changed files with 106 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

173
audit/audit.sh
View File

@ -1,5 +1,16 @@
#!/bin/bash
# =============================================================================
# AUDIT SCRIPT TO VERIFY THE INTEGRITY OF THE BUNDLED RESOURCES
#
# Author nobody
# Versions 1.1
#
# License MPL 2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this file,
# You can obtain one at http://mozilla.org/MPL/2.0/.
#
# =============================================================================
# PREREQUISITES:
#
@ -45,13 +56,25 @@ CREATE_THIRD_PARTY_FILE=false
# Choose the folder name from /resources/, e.g. jquery
# bash audit.sh replace jquery
#
# =============================================================================
# WHICH FILES WILL BE CHECKED?
#
# All files in the directory /resources/
#
# Exceptions:
# /resources/*/note
# /resources/google-material-design-icons/google-material-design-icons.css
# =============================================================================
# CDNs
# =============================================================================
CLOUDFLARE="https://cdnjs.cloudflare.com/ajax/libs"
CLOUDFLARE_AJAX="https://ajax.cloudflare.com/cdn-cgi/scripts"
JSDELIVR="https://cdn.jsdelivr.net"
GITHUB="https://raw.githubusercontent.com"
# =============================================================================
# GLOBALS
# =============================================================================
REGEX_JS=".*\.jsm$"
COUNTER_ALL=0
@ -66,6 +89,8 @@ FILES_FAILED=""
FILES_SKIPPED=""
FILES_NO_CONNECTION=""
# =============================================================================
# FORMATTING
# =============================================================================
RED='\033[0;31m'
GREEN='\033[0;32m'
@ -75,35 +100,38 @@ BOLD=$(tput bold)
NORMAL=$(tput sgr0)
DIVIDER=$(printf '%*s\n' 141 '' | tr ' ' "=")
# =============================================================================
# ARGUMENTS HANDLING
# =============================================================================
if [ "$1" = "replace" ] && [ "$2" = "" ]; then
REPLACE=true
CHECK="ALL"
echo -e "CHECK: All"
echo -e "REPLACE: Yes"
echo -e "CHECK: ALL"
echo -e "REPLACE: YES"
elif [ "$1" != "" ] && [ "$1" != "replace" ]; then
CHECK=$1
echo -e "CHECK: $1"
echo -e "REPLACE: No"
echo -e "REPLACE: NO"
elif [ "$1" = "replace" ] && [ "$2" != "" ]; then
REPLACE=true
CHECK=$2
echo -e "CHECK: $2"
echo -e "REPLACE: Yes"
echo -e "REPLACE: YES"
else
CHECK="ALL"
echo -e "CHECK: ALL"
echo -e "REPLACE: No"
echo -e "REPLACE: NO"
fi
# =============================================================================
if [[ "$USE_TOR" != true && "$USE_TOR" != false ]]; then
echo -e "USE_TOR not set. Please select yes (true) or no (false)!"
exit 1
fi
# =============================================================================
function create_url
# CHECK RESOURCE
# =============================================================================
function check_resource
{
path=$1
folder=$(echo -e "$path" | cut -d"/" -f3)
@ -125,8 +153,6 @@ function create_url
is_javascript=false
error=false
LOCAL_HASH=$(sha512sum "$path" | cut -d " " -f 1)
if [[ $path =~ $REGEX_JS ]]; then
path=$(echo "$path" | sed 's/.$//')
jfile=$(echo "$file" | sed 's/.$//')
@ -134,6 +160,64 @@ function create_url
is_javascript=true
fi
# Get URL of CDN
create_url
# Use Tor Proxy if set
if [ "$USE_TOR" = true ]; then
if ! torsocks wget -qO ./tmp "$url"; then
error=true
fi
else
if ! wget -qO ./tmp "$url"; then
error=true
fi
fi
if [ "$error" = true ]; then
echo -e "${YELLOW}LOCAL HASH: -${NOCOLOR}"
echo -e "${YELLOW}REMOTE HASH: -${NOCOLOR}"
echo -e "${YELLOW}STATUS: NO CONNECTION $url${NOCOLOR}"
FILES_NO_CONNECTION="${YELLOW}No connection: $path --> $url${NOCOLOR}\n$FILES_NO_CONNECTION"
((COUNTER_CONNECT_FAILED++))
return 0;
fi
# Calculate hash value
LOCAL_HASH=$(sha512sum "$path" | cut -d " " -f 1)
REMOTE_HASH=$(sha512sum ./tmp | cut -d " " -f 1)
if [ "$LOCAL_HASH" != "$REMOTE_HASH" ]; then
echo -e "${RED}LOCAL HASH: $LOCAL_HASH${NOCOLOR}"
echo -e "${RED}REMOTE HASH: $REMOTE_HASH${NOCOLOR}"
echo -e "${RED}STATUS: FAILED${NOCOLOR}"
if [ "$REPLACE" = true ]; then
if [ "$is_javascript" = true ]; then
mv ./tmp "${path}m"
else
mv ./tmp "${path}"
fi
echo -e "${RED} FILE ALREADY REPLACED${NOCOLOR}"
FILES_FAILED="${RED}Hash mismatch: $path (File already replaced)${NOCOLOR}\n$FILES_FAILED"
else
# No replace
FILES_FAILED="${RED}Hash mismatch: $path${NOCOLOR}\n$FILES_FAILED"
fi
((COUNTER_HASH_FAILED++))
else
echo -e "${GREEN}LOCAL HASH: $LOCAL_HASH${NOCOLOR}"
echo -e "${GREEN}REMOTE HASH: $REMOTE_HASH${NOCOLOR}"
echo -e "${GREEN}STATUS: PASSED${NOCOLOR}"
((COUNTER_HASH_OK++))
fi
third_party+=("${url}")
}
# =============================================================================
# CREATE URLs
# =============================================================================
function create_url
{
if [ "$folder" = "angular-stripe-checkout" ]; then
url="$JSDELIVR/npm/angular-stripe-checkout@$version/angular-stripe-checkout.min.js"
elif [ "$folder" = "ethjs" ]; then
@ -159,7 +243,7 @@ function create_url
elif [ "$folder" = "rocket-loader" ]; then
url="$CLOUDFLARE_AJAX/7089c43e/cloudflare-static/rocket-loader.min.js"
elif [ "$folder" = "google-material-design-icons" ]; then
url="https://fonts.gstatic.com/s/materialicons/v80/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2"
url="https://fonts.gstatic.com/s/materialicons/$version/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2"
elif [ "$folder" = "object-assign" ]; then
url="$JSDELIVR/npm/object-assign@4.1.1/index.js"
elif [ "$folder" = "mirage2" ]; then
@ -324,7 +408,7 @@ function create_url
url="$CLOUDFLARE/$folder/2.5.0/webcomponents-loader.min.js"
elif [ "$folder" = "vue-i18n" ] && [ "$version" = "9.0.0" ]; then
url="$CLOUDFLARE/$folder/$version/vue-i18n.cjs.min.js"
elif [ "$path" = "twitter-bootstrap/fonts/glyphicons-halflings-regular.woff2" ]; then
elif [ "$path" = "../resources/twitter-bootstrap/fonts/glyphicons-halflings-regular.woff2" ]; then
url="$CLOUDFLARE/twitter-bootstrap/3.4.1/fonts/glyphicons-halflings-regular.woff2"
elif [ "$subfile" = "jquery-ui.min.css" ]; then
url="$CLOUDFLARE/jqueryui/1.8.24/themes/base/minified/jquery-ui.min.css"
@ -362,9 +446,13 @@ function create_url
elif [ "$subfile" = "videojs-seek-buttons.min.js" ]; then
url="$JSDELIVR/npm/videojs-seek-buttons/dist/videojs-seek-buttons.js"
elif [ "$subfile" = "jsdelivr-combine-jquery-hogan-algoliasearch-autocomplete.js" ]; then
url="$JSDELIVR/combine/npm/jquery@2.2.4/dist/jquery.min.js,npm/hogan.js@3.0.2/dist/hogan-3.0.2.min.js,npm/algoliasearch@3.30.0/dist/algoliasearch.min.js,npm/autocomplete.js@0.31.0/dist/autocomplete.min.js"
url="$JSDELIVR/combine/npm/jquery@2.2.4/dist/jquery.min.js,npm/hogan.js@3.0.2/dist/\
hogan-3.0.2.min.js,npm/algoliasearch@3.30.0/dist/algoliasearch.min.js,npm/\
autocomplete.js@0.31.0/dist/autocomplete.min.js"
elif [ "$folder" = "vue-resource" ]; then
url="$GITHUB/pagekit/vue-resource/$version/dist/vue-resource.min.js"
elif [ "$path" = "../resources/webfont/fa-loader.js" ]; then
url="https://use.fontawesome.com/a1f20be65b.js"
else
if [ "$subfile" = "$jfile" ]; then
url="$CLOUDFLARE/$folder/$version/$subfile"
@ -372,73 +460,24 @@ function create_url
url="$CLOUDFLARE/$folder/$version/$file/$subfile"
fi
fi
if [ "$USE_TOR" = true ]; then
if ! torsocks wget -qO ./tmp "$url"; then
error=true
fi
else
if ! wget -qO ./tmp "$url"; then
error=true
fi
fi
if [ "$error" = true ]; then
echo -e "${YELLOW}LOCAL HASH: -${NOCOLOR}"
echo -e "${YELLOW}REMOTE HASH: -${NOCOLOR}"
echo -e "${YELLOW}STATUS: NO CONNECTION $url${NOCOLOR}"
FILES_NO_CONNECTION="${YELLOW}No connection: $path --> $url${NOCOLOR}\n$FILES_NO_CONNECTION"
((COUNTER_CONNECT_FAILED++))
return 0;
fi
REMOTE_HASH=$(sha512sum ./tmp | cut -d " " -f 1)
if [ "$LOCAL_HASH" != "$REMOTE_HASH" ]; then
echo -e "${RED}LOCAL HASH: $LOCAL_HASH${NOCOLOR}"
echo -e "${RED}REMOTE HASH: $REMOTE_HASH${NOCOLOR}"
echo -e "${RED}STATUS: FAILED${NOCOLOR}"
if [ "$REPLACE" = true ]; then
if [ "$is_javascript" = true ]; then
mv ./tmp "${path}m"
else
mv ./tmp "${path}"
fi
echo -e "${RED} FILE ALREADY REPLACED${NOCOLOR}"
FILES_FAILED="${RED}Hash mismatch: $path (File already replaced)${NOCOLOR}\n$FILES_FAILED"
else
# No replace
FILES_FAILED="${RED}Hash mismatch: $path${NOCOLOR}\n$FILES_FAILED"
fi
((COUNTER_HASH_FAILED++))
else
echo -e "${GREEN}LOCAL HASH: $LOCAL_HASH${NOCOLOR}"
echo -e "${GREEN}REMOTE HASH: $REMOTE_HASH${NOCOLOR}"
echo -e "${GREEN}STATUS: PASSED${NOCOLOR}"
((COUNTER_HASH_OK++))
fi
third_party+=("${url}")
}
# =============================================================================
#
# MAIN
#
# =============================================================================
array=()
# Find files in /resource/
while IFS= read -r -d $'\0'; do
array+=("$REPLY")
done < <(find ../resources/ -type f \( -iname "*.jsm" -or -iname "*.css" -or -iname "*.woff" -or -iname "*.woff2" \) ! -iname "fa-loader.jsm" ! -iname "fa-loader.css" ! -iname "google-material-design-icons.css" -print0)
done < <(find ../resources/ -type f \( -iname "*.jsm" -or -iname "*.css" -or -iname "*.woff" -or -iname "*.woff2" \) ! -iname "fa-loader.css" ! -iname "google-material-design-icons.css" -print0)
third_party=()
for i in "${array[@]}"
do
create_url "$i"
for i in "${array[@]}"; do
check_resource "$i"
done
rm ./tmp
rm ./tmp 2> /dev/null
IFS=$'\n' sorted=($(sort <<<"${third_party[*]}"))
unset IFS