mirror of
https://github.com/yt-dlp/yt-dlp.git
synced 2024-11-07 20:30:41 -05:00
#88 Implement SHA256 checking for autoupdater
* Also fix bugs from e5813e53f0
Authored-by: shirtjs <2660574+shirtjs@users.noreply.github.com>
:ci skip dl
This commit is contained in:
parent
47930b73a5
commit
44f705d001
2 changed files with 70 additions and 18 deletions
|
@ -72,7 +72,7 @@
|
||||||
'--exclude-module=test',
|
'--exclude-module=test',
|
||||||
'--exclude-module=ytdlp_plugins',
|
'--exclude-module=ytdlp_plugins',
|
||||||
'--hidden-import=mutagen',
|
'--hidden-import=mutagen',
|
||||||
'--hidden-import=pycryptodome',
|
'--hidden-import=Crypto',
|
||||||
'youtube_dlc/__main__.py',
|
'youtube_dlc/__main__.py',
|
||||||
])
|
])
|
||||||
SetVersion('dist/youtube-dlc%s.exe' % _x86, VERSION_FILE)
|
SetVersion('dist/youtube-dlc%s.exe' % _x86, VERSION_FILE)
|
||||||
|
|
|
@ -40,16 +40,16 @@ def update_self(to_screen, verbose, opener):
|
||||||
|
|
||||||
JSON_URL = 'https://api.github.com/repos/pukkandan/yt-dlp/releases/latest'
|
JSON_URL = 'https://api.github.com/repos/pukkandan/yt-dlp/releases/latest'
|
||||||
|
|
||||||
def sha256sum():
|
def calc_sha256sum(path):
|
||||||
h = hashlib.sha256()
|
h = hashlib.sha256()
|
||||||
b = bytearray(128 * 1024)
|
b = bytearray(128 * 1024)
|
||||||
mv = memoryview(b)
|
mv = memoryview(b)
|
||||||
with open(os.path.realpath(sys.executable), 'rb', buffering=0) as f:
|
with open(os.path.realpath(path), 'rb', buffering=0) as f:
|
||||||
for n in iter(lambda: f.readinto(mv), 0):
|
for n in iter(lambda: f.readinto(mv), 0):
|
||||||
h.update(mv[:n])
|
h.update(mv[:n])
|
||||||
return h.hexdigest()
|
return h.hexdigest()
|
||||||
|
|
||||||
to_screen('Current Build Hash %s' % sha256sum())
|
to_screen('Current Build Hash %s' % calc_sha256sum(sys.executable))
|
||||||
|
|
||||||
if not isinstance(globals().get('__loader__'), zipimporter) and not hasattr(sys, 'frozen'):
|
if not isinstance(globals().get('__loader__'), zipimporter) and not hasattr(sys, 'frozen'):
|
||||||
to_screen('It looks like you installed yt-dlp with a package manager, pip, setup.py or a tarball. Please use that to update.')
|
to_screen('It looks like you installed yt-dlp with a package manager, pip, setup.py or a tarball. Please use that to update.')
|
||||||
|
@ -76,18 +76,32 @@ def version_tuple(version_str):
|
||||||
|
|
||||||
to_screen('Updating to version ' + version_id + ' ...')
|
to_screen('Updating to version ' + version_id + ' ...')
|
||||||
|
|
||||||
def get_bin_info(bin_or_exe, version):
|
version_labels = {
|
||||||
labels = {
|
|
||||||
'zip_3': '',
|
'zip_3': '',
|
||||||
'zip_2': '',
|
'zip_2': '',
|
||||||
# 'zip_2': '_py2',
|
# 'zip_2': '_py2',
|
||||||
'exe_64': '.exe',
|
'exe_64': '.exe',
|
||||||
'exe_32': '_x86.exe',
|
'exe_32': '_x86.exe',
|
||||||
}
|
}
|
||||||
label = labels['%s_%s' % (bin_or_exe, version)]
|
|
||||||
|
def get_bin_info(bin_or_exe, version):
|
||||||
|
label = version_labels['%s_%s' % (bin_or_exe, version)]
|
||||||
return next(
|
return next(
|
||||||
i for i in version_info['assets']
|
(i for i in version_info['assets']
|
||||||
if i['name'] in ('yt-dlp%s' % label, 'youtube-dlc%s' % label))
|
if i['name'] in ('yt-dlp%s' % label, 'youtube-dlc%s' % label)), {})
|
||||||
|
|
||||||
|
def get_sha256sum(bin_or_exe, version):
|
||||||
|
label = version_labels['%s_%s' % (bin_or_exe, version)]
|
||||||
|
urlh = next(
|
||||||
|
(i for i in version_info['assets']
|
||||||
|
if i['name'] in ('SHA2-256SUMS')), {}).get('browser_download_url')
|
||||||
|
if not urlh:
|
||||||
|
return None
|
||||||
|
hash_data = opener.open(urlh).read().decode('utf-8')
|
||||||
|
hashes = list(map(lambda x: x.split(':'), hash_data.splitlines()))
|
||||||
|
return next(
|
||||||
|
(i[1] for i in hashes
|
||||||
|
if i[0] in ('yt-dlp%s' % label, 'youtube-dlc%s' % label)), None)
|
||||||
|
|
||||||
# sys.executable is set to the full pathname of the exe-file for py2exe
|
# sys.executable is set to the full pathname of the exe-file for py2exe
|
||||||
# though symlinks are not followed so that we need to do this manually
|
# though symlinks are not followed so that we need to do this manually
|
||||||
|
@ -108,7 +122,12 @@ def get_bin_info(bin_or_exe, version):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
arch = platform.architecture()[0][:2]
|
arch = platform.architecture()[0][:2]
|
||||||
urlh = opener.open(get_bin_info('exe', arch)['browser_download_url'])
|
url = get_bin_info('exe', arch).get('browser_download_url')
|
||||||
|
if not url:
|
||||||
|
to_screen('ERROR: unable to fetch updates')
|
||||||
|
to_screen('Visit https://github.com/pukkandan/yt-dlp/releases/latest')
|
||||||
|
return
|
||||||
|
urlh = opener.open(url)
|
||||||
newcontent = urlh.read()
|
newcontent = urlh.read()
|
||||||
urlh.close()
|
urlh.close()
|
||||||
except (IOError, OSError, StopIteration):
|
except (IOError, OSError, StopIteration):
|
||||||
|
@ -127,6 +146,18 @@ def get_bin_info(bin_or_exe, version):
|
||||||
to_screen('ERROR: unable to write the new version')
|
to_screen('ERROR: unable to write the new version')
|
||||||
return
|
return
|
||||||
|
|
||||||
|
expected_sum = get_sha256sum('exe', arch)
|
||||||
|
if not expected_sum:
|
||||||
|
to_screen('WARNING: no hash information found for the release')
|
||||||
|
elif calc_sha256sum(exe + '.new') != expected_sum:
|
||||||
|
to_screen('ERROR: unable to verify the new executable')
|
||||||
|
to_screen('Visit https://github.com/pukkandan/yt-dlp/releases/latest')
|
||||||
|
try:
|
||||||
|
os.remove(exe + '.new')
|
||||||
|
except OSError:
|
||||||
|
to_screen('ERROR: unable to remove corrupt download')
|
||||||
|
return
|
||||||
|
|
||||||
try:
|
try:
|
||||||
bat = os.path.join(directory, 'yt-dlp-updater.cmd')
|
bat = os.path.join(directory, 'yt-dlp-updater.cmd')
|
||||||
with io.open(bat, 'w') as batfile:
|
with io.open(bat, 'w') as batfile:
|
||||||
|
@ -141,7 +172,7 @@ def get_bin_info(bin_or_exe, version):
|
||||||
''' % (exe, exe, version_id))
|
''' % (exe, exe, version_id))
|
||||||
|
|
||||||
subprocess.Popen([bat]) # Continues to run in the background
|
subprocess.Popen([bat]) # Continues to run in the background
|
||||||
return # Do not show premature success messages
|
return True # Exit app
|
||||||
except (IOError, OSError):
|
except (IOError, OSError):
|
||||||
if verbose:
|
if verbose:
|
||||||
to_screen(encode_compat_str(traceback.format_exc()))
|
to_screen(encode_compat_str(traceback.format_exc()))
|
||||||
|
@ -152,7 +183,12 @@ def get_bin_info(bin_or_exe, version):
|
||||||
elif isinstance(globals().get('__loader__'), zipimporter):
|
elif isinstance(globals().get('__loader__'), zipimporter):
|
||||||
try:
|
try:
|
||||||
py_ver = platform.python_version()[0]
|
py_ver = platform.python_version()[0]
|
||||||
urlh = opener.open(get_bin_info('zip', py_ver)['browser_download_url'])
|
url = get_bin_info('zip', py_ver).get('browser_download_url')
|
||||||
|
if not url:
|
||||||
|
to_screen('ERROR: unable to fetch updates')
|
||||||
|
to_screen('Visit https://github.com/pukkandan/yt-dlp/releases/latest')
|
||||||
|
return
|
||||||
|
urlh = opener.open(url)
|
||||||
newcontent = urlh.read()
|
newcontent = urlh.read()
|
||||||
urlh.close()
|
urlh.close()
|
||||||
except (IOError, OSError, StopIteration):
|
except (IOError, OSError, StopIteration):
|
||||||
|
@ -163,11 +199,27 @@ def get_bin_info(bin_or_exe, version):
|
||||||
return
|
return
|
||||||
|
|
||||||
try:
|
try:
|
||||||
with open(filename, 'wb') as outf:
|
with open(filename + '.new', 'wb') as outf:
|
||||||
outf.write(newcontent)
|
outf.write(newcontent)
|
||||||
except (IOError, OSError):
|
except (IOError, OSError):
|
||||||
if verbose:
|
if verbose:
|
||||||
to_screen(encode_compat_str(traceback.format_exc()))
|
to_screen(encode_compat_str(traceback.format_exc()))
|
||||||
|
to_screen('ERROR: unable to write the new version')
|
||||||
|
return
|
||||||
|
|
||||||
|
expected_sum = get_sha256sum('zip', py_ver)
|
||||||
|
if expected_sum and calc_sha256sum(filename + '.new') != expected_sum:
|
||||||
|
to_screen('ERROR: unable to verify the new zip')
|
||||||
|
to_screen('Visit https://github.com/pukkandan/yt-dlp/releases/latest')
|
||||||
|
try:
|
||||||
|
os.remove(filename + '.new')
|
||||||
|
except OSError:
|
||||||
|
to_screen('ERROR: unable to remove corrupt zip')
|
||||||
|
return
|
||||||
|
|
||||||
|
try:
|
||||||
|
os.rename(filename + '.new', filename)
|
||||||
|
except OSError:
|
||||||
to_screen('ERROR: unable to overwrite current version')
|
to_screen('ERROR: unable to overwrite current version')
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue