3 echo "invocation: safeget <URL> <targetfile>"
7 echo "downloading locally..."
9 checksum="$(curl -- "$1" | tee -- "$realdest" | sha256sum - | cut -d' ' -f1 | tr -d '\n')"
16 echo "downloading on remote machines..."
17 for machine in $(cat ~/.multiget_machines); do
18 echo -ne " downloading from $machine... \r"
20 # yuck! uhm... nothing to see here.
21 # things this tries to defend against:
22 # - special chars in the URL that cause local and remote curl to see different URLs (but of course, defending
23 # against that only makes limited sense)
24 # - remote system sends us special chars and wipes previous warnings from the screen
25 remote_sha256_unsanitized="$(echo -n "$1" | base64 -w0 | ssh -- "$machine" curl -- '"$(base64 -d)"' '|' sha256sum - 2>/dev/null)"
26 remote_sha256="$(echo -n "$remote_sha256_unsanitized" | cut -d' ' -f1 | tr -cd '0123456789abcdef')"
28 if echo -n "$remote_sha256" | grep -vFq -- "$checksum"; then
29 echo -e '\E[1;33;44m'"DIFFERENT CHECKSUM FROM $machine:\n$remote_sha256"'\E[0m'
35 if [ "$mismatch_detected" -eq 0 ]; then
36 echo "moving file to $2..."
37 mv -- "$realdest" "$2"
40 echo "NOT moving temporary download from $realdest to $2 because verification failed"