From 2ec1fd6e740baf20bb7531843904d744bffaafbd Mon Sep 17 00:00:00 2001 From: juewuy Date: Mon, 14 Dec 2020 16:38:14 +0800 Subject: [PATCH] =?UTF-8?q?v1.0.0beta17.9=20~=E5=A2=9E=E5=8A=A0=E4=BA=86?= =?UTF-8?q?=E4=B8=80=E9=94=AE=E5=88=87=E6=8D=A2=E5=8A=A0=E5=AF=86dns?= =?UTF-8?q?=E7=9A=84=E5=8A=9F=E8=83=BD=20~=E4=BF=AE=E5=A4=8D=E4=BA=86?= =?UTF-8?q?=E5=88=87=E6=8D=A2=E5=AE=89=E8=A3=85=E6=BA=90=E6=97=B6=E4=BC=9A?= =?UTF-8?q?=E5=81=B6=E5=B0=94=E6=B8=85=E7=A9=BA=E9=85=8D=E7=BD=AE=E6=96=87?= =?UTF-8?q?=E4=BB=B6=E7=9A=84bug=20~=E4=BF=AE=E5=A4=8D=E4=BA=86=E4=B8=8B?= =?UTF-8?q?=E8=BD=BD=E5=A4=B1=E8=B4=A5=E5=B9=B6=E6=8F=90=E7=A4=BA127.0.0.1?= =?UTF-8?q?=E6=97=A0=E6=B3=95=E8=BF=9E=E6=8E=A5=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- scripts/clash.sh | 28 ++++++++++++++++++++---- scripts/getdate.sh | 54 +++++++++++++++++++++++----------------------- scripts/start.sh | 24 +++++++++++++++------ 3 files changed, 68 insertions(+), 38 deletions(-) diff --git a/scripts/clash.sh b/scripts/clash.sh index 244404a..79ae871 100644 --- a/scripts/clash.sh +++ b/scripts/clash.sh @@ -40,7 +40,10 @@ getconfig(){ [ -n "$(systemctl is-enabled clash.service 2>&1 | grep enable)" ] && autostart=enable_sys || autostart=disable_sys fi #开机自启描述 - if [ "$autostart" = "enable_rc" -o "$autostart" = "enable_sys" ]; then + if [ "$start_old" = "已开启" ]; then + auto="\033[32m保守模式\033[0m" + auto1="代理本机:\033[36m$local_proxy\033[0m" + elif [ "$autostart" = "enable_rc" -o "$autostart" = "enable_sys" ]; then auto="\033[32m已设置开机启动!\033[0m" auto1="\033[36m禁用\033[0mclash开机启动" elif [ "$autostart" = "disable_rc" -o "$autostart" = "disable_sys" ]; then @@ -90,7 +93,7 @@ getconfig(){ setconfig(){ #参数1代表变量名,参数2代表变量值,参数3即文件路径 [ -z "$3" ] && configpath=$clashdir/mark || configpath=$3 - [ -n "$(grep ${1} $configpath)" ] && sed -i "s/${1}=.*/${1}=${2}/g" $configpath || echo "${1}=${2}" >> $configpath + [ -n "$(grep ${1} $configpath)" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath } #启动相关 errornum(){ @@ -238,13 +241,14 @@ setdns(){ echo ----------------------------------------------- echo -e "当前基础DNS:\033[32m$dns_nameserver\033[0m" echo -e "fallbackDNS:\033[36m$dns_fallback\033[0m" - echo -e "多个DNS地址请用\033[30;47m | \033[0m分隔一次性输入" + echo -e "多个DNS地址请用\033[30;47m“|”\033[0m或者\033[30;47m“, ”\033[0m分隔输入" echo -e "\033[33m必须拥有本地根证书文件才能使用dot/doh类型的加密dns\033[0m" echo ----------------------------------------------- echo -e " 1 修改\033[32m基础DNS\033[0m" echo -e " 2 修改\033[36mfallback_DNS\033[0m" echo -e " 3 \033[33m重置\033[0mDNS配置" echo -e " 4 禁用内置DNS(慎用)" + echo -e " 5 使用\033[32m加密DNS\033[0m" echo -e " 0 返回上级菜单" echo ----------------------------------------------- read -p "请输入对应数字 > " num @@ -252,7 +256,7 @@ setdns(){ errornum elif [ "$num" = 1 ]; then read -p "请输入新的DNS > " dns_nameserver - dns_nameserver=$(echo $dns_nameserver | sed 's/|/\,\ /g') + dns_nameserver=$(echo $dns_nameserver | sed 's#|#\,\ #g') if [ -n "$dns_nameserver" ]; then setconfig dns_nameserver \'"$dns_nameserver"\' echo -e "\033[32m设置成功!!!\033[0m" @@ -280,6 +284,22 @@ setdns(){ setconfig dns_no $dns_no echo -e "\033[33m已禁用内置DNS!!!\033[0m" setdns + elif [ "$num" = 5 ]; then + source $clashdir/getdate.sh + webget /tmp/ssl_test https://baidu.com echooff rediron skipceroff + if [ "$result" != "200" ];then + echo ----------------------------------------------- + echo -e "\033[31m当前设备未安装openssl服务或者没有根证书,无法启用!\033[0m" + else + dns_nameserver='https://223.5.5.5/dns-query, https://doh.pub/dns-query, tls://dns.rubyfish.cn:853' + dns_fallback='https://1.0.0.1/dns-query, https://8.8.4.4/dns-query, https://doh.opendns.com/dns-query' + setconfig dns_nameserver \'"$dns_nameserver"\' + setconfig dns_fallback \'"$dns_fallback"\' + echo -e "\033[32m设置成功!!!\033[0m" + fi + rm -rf /tmp/ssl_test + sleep 1 + setdns fi } checkport(){ diff --git a/scripts/getdate.sh b/scripts/getdate.sh index 40cca58..7a26629 100644 --- a/scripts/getdate.sh +++ b/scripts/getdate.sh @@ -2,19 +2,28 @@ # Copyright (C) Juewuy webget(){ - [ -n "$(netstat -ntul 2>&1 |grep :$mix_port)" ] && export all_proxy="http://$authentication@127.0.0.1:$mix_port" #设置临时http代理 + [ -n "$(pidof clash)" ] && export all_proxy="http://$authentication@127.0.0.1:$mix_port" #设置临时http代理 #参数【$1】代表下载目录,【$2】代表在线地址 #参数【$3】代表输出显示,【$4】不启用重定向 + #参数【$5】代表验证证书 if curl --version > /dev/null 2>&1;then [ "$3" = "echooff" ] && progress='-s' || progress='-#' - [ -z "$4" ] && redirect='-L' || redirect='' - result=$(curl -w %{http_code} --connect-timeout 5 $progress $redirect -ko $1 $2) + [ "$4" = "rediroff" ] && redirect='' || redirect='-L' + [ "$5" = "skipceroff" ] && certificate='' || certificate='-k' + result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2) + [ "$result" != "200" ] && export all_proxy="" && result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2) else [ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress' [ "$3" = "echoon" ] && progress='' - [ -z "$4" ] && redirect='' || redirect='--max-redirect=0' - wget -Y on $progress $redirect --no-check-certificate --timeout=5 -O $1 $2 - [ $? -eq 0 ] && result="200" + [ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect='' + [ "$5" = "skipceroff" ] && certificate='' || certificate='--no-check-certificate' + wget -Y on $progress $redirect $certificate --timeout=3 -O $1 $2 + if [ "$?" != "0" ];then + wget $progress $redirect $certificate --timeout=3 -O $1 $2 + [ "$?" = "0" ] && result="200" + else + result="200" + fi fi export all_proxy="" } @@ -622,36 +631,27 @@ setdb(){ fi } getcrt(){ - crtdir='/etc/ssl/certs/ca-certificates.crt' - if [ -f $crtdir ];then + crtlink="${update_url}/bin/ca-certificates.crt" + echo ----------------------------------------------- + echo 正在连接服务器获取安装文件………… + webget /tmp/ca-certificates.crt $crtlink + if [ "$result" != "200" ];then echo ----------------------------------------------- - echo -e "\033[31m检测到您的设备已经安装好根证书文件了!\033[0m" + echo -e "\033[31m文件下载失败!\033[0m" + else echo ----------------------------------------------- - read -p "是否覆盖安装?[1/0] > " res - if [ "$res" = 1 ]; then - rm -rf $crtdir - dblink="${update_url}/bin/ca-certificates.crt" - echo ----------------------------------------------- - echo 正在连接服务器获取安装文件………… - webget /tmp/ca-certificates.crt $dblink - if [ "$result" != "200" ];then - echo ----------------------------------------------- - echo -e "\033[31m文件下载失败!\033[0m" - else - echo ----------------------------------------------- - mv -f /tmp/ca-certificates.crt $crtdir - echo -e "\033[32m证书安装成功!\033[0m" - sleep 1 - fi - fi + mv -f /tmp/ca-certificates.crt $crtdir + echo -e "\033[32m证书安装成功!\033[0m" + sleep 1 fi - } setcrt(){ + crtdir='/etc/ssl/certs/ca-certificates.crt' echo ----------------------------------------------- echo -e "\033[36m安装/更新本地根证书文件(ca-certificates.crt)\033[0m" echo -e "\033[33m用于解决证书校验错误,x509报错等问题\033[0m" echo -e "\033[31m无上述问题的设备无需使用本功能!\033[0m" + [ -f "$crtdir" ] && echo -e "\033[32m当前设备已经安装根证书文件了!\033[0m" echo ----------------------------------------------- read -p "确认安装?(1/0) > " res diff --git a/scripts/start.sh b/scripts/start.sh index 706afc6..c224e45 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -33,7 +33,7 @@ getconfig(){ setconfig(){ #参数1代表变量名,参数2代表变量值,参数3即文件路径 [ -z "$3" ] && configpath=$clashdir/mark || configpath=$3 - [ -n "$(grep ${1} $configpath)" ] && sed -i "s/${1}=.*/${1}=${2}/g" $configpath || echo "${1}=${2}" >> $configpath + [ -n "$(grep ${1} $configpath)" ] && sed -i "s#${1}=.*#${1}=${2}#g" $configpath || echo "${1}=${2}" >> $configpath } compare(){ if [ ! -f $1 -o ! -f $2 ];then @@ -45,19 +45,28 @@ compare(){ fi } webget(){ - [ -n "$(netstat -ntul 2>&1 |grep :$mix_port)" ] && export all_proxy="http://$authentication@127.0.0.1:$mix_port" #设置临时http代理 + [ -n "$(pidof clash)" ] && export all_proxy="http://$authentication@127.0.0.1:$mix_port" #设置临时http代理 #参数【$1】代表下载目录,【$2】代表在线地址 #参数【$3】代表输出显示,【$4】不启用重定向 + #参数【$5】代表验证证书 if curl --version > /dev/null 2>&1;then [ "$3" = "echooff" ] && progress='-s' || progress='-#' - [ -z "$4" ] && redirect='-L' || redirect='' - result=$(curl -w %{http_code} --connect-timeout 5 $progress $redirect -ko $1 $2) + [ "$4" = "rediroff" ] && redirect='' || redirect='-L' + [ "$5" = "skipceroff" ] && certificate='' || certificate='-k' + result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2) + [ "$result" != "200" ] && export all_proxy="" && result=$(curl -w %{http_code} --connect-timeout 3 $progress $redirect $certificate -o $1 $2) else [ "$3" = "echooff" ] && progress='-q' || progress='-q --show-progress' [ "$3" = "echoon" ] && progress='' - [ -z "$4" ] && redirect='' || redirect='--max-redirect=0' - wget -Y on $progress $redirect --no-check-certificate --timeout=5 -O $1 $2 - [ "$?" = 0 ] && result="200" + [ "$4" = "rediroff" ] && redirect='--max-redirect=0' || redirect='' + [ "$5" = "skipceroff" ] && certificate='' || certificate='--no-check-certificate' + wget -Y on $progress $redirect $certificate --timeout=3 -O $1 $2 + if [ "$?" != "0" ];then + wget $progress $redirect $certificate --timeout=3 -O $1 $2 + [ "$?" = "0" ] && result="200" + else + result="200" + fi fi export all_proxy="" } @@ -429,6 +438,7 @@ web_save(){ now=$(echo $line | grep -oE '"now".*",' | sed 's/"now"://g'| sed 's/,//g') [ "$def" != "$now" ] && echo $line | grep -oE '"name".*"now".*",' | sed 's/"name"://g' | sed 's/"now"://g'| sed 's/"//g' >> /tmp/clash_web_save_$USER done < /tmp/clash_web_check_$USER + rm -rf /tmp/clash_web_check_$USER #对比文件,如果有变动且不为空则写入磁盘,否则清除缓存 if [ -s /tmp/clash_web_save_$USER ];then compare /tmp/clash_web_save_$USER $clashdir/web_save