From a915526e08689f668b8dfd4c324dbc68525673e0 Mon Sep 17 00:00:00 2001 From: Heidel Date: Mon, 26 Jul 2021 04:08:02 +0200 Subject: [PATCH] update updater (-U) --- youtube_dlc/__init__.py | 5 +- youtube_dlc/update.py | 187 ++++++++++++++++++++++++++++++++++++---- 2 files changed, 173 insertions(+), 19 deletions(-) diff --git a/youtube_dlc/__init__.py b/youtube_dlc/__init__.py index 7d72ab985..262dd926f 100644 --- a/youtube_dlc/__init__.py +++ b/youtube_dlc/__init__.py @@ -36,7 +36,7 @@ from .utils import ( write_string, render_table, ) -from .update import update_self +from .update import update_binary from .downloader import ( FileDownloader, ) @@ -455,7 +455,8 @@ def _real_main(argv=None): with YoutubeDL(ydl_opts) as ydl: # Update version if opts.update_self: - update_self(ydl.to_screen, opts.verbose, ydl._opener) + # update_self(ydl.to_screen, opts.verbose, ydl._opener) + update_binary(ydl) # Remove cache dir if opts.rm_cachedir: diff --git a/youtube_dlc/update.py b/youtube_dlc/update.py index b358e902b..170f84e71 100644 --- a/youtube_dlc/update.py +++ b/youtube_dlc/update.py @@ -7,6 +7,7 @@ import hashlib import os import subprocess import sys +import platform from zipimport import zipimporter from .compat import compat_realpath @@ -15,18 +16,173 @@ from .utils import encode_compat_str from .version import __version__ -def rsa_verify(message, signature, key): - from hashlib import sha256 - assert isinstance(message, bytes) - byte_size = (len(bin(key[0])) - 2 + 8 - 1) // 8 - signature = ('%x' % pow(int(signature, 16), key[1], key[0])).encode() - signature = (byte_size * 2 - len(signature)) * b'0' + signature - asn1 = b'3031300d060960864801650304020105000420' - asn1 += sha256(message).hexdigest().encode() - if byte_size < len(asn1) // 2 + 11: - return False - expected = b'0001' + (byte_size - len(asn1) // 2 - 3) * b'ff' + b'00' + asn1 - return expected == signature +def update_binary(ydl): + LATEST_URL = 'https://api.github.com/repos/blackjack4494/yt-dlc/releases/latest' + + def sha256sum(path): + h = hashlib.sha256() + b = bytearray(128 * 1024) + mv = memoryview(b) + with open(os.path.realpath(path), 'rb', buffering=0) as f: + for n in iter(lambda: f.readinto(mv), 0): + h.update(mv[:n]) + return h.hexdigest() + + if isinstance(globals().get('__loader__'), zipimporter): + pass + elif hasattr(sys, 'frozen'): + pass + else: + return ydl.to_screen('It looks like you installed youtube-dlc with a package manager, pip, setup.py or a tarball. Please use that to update') + + filename = compat_realpath(sys.executable if hasattr(sys, 'frozen') else sys.argv[0]) + build_hash = sha256sum(filename) + ydl.to_screen('Current Build Hash %s' % build_hash) + + # Download and check versions info + try: + latest = ydl._opener.open(LATEST_URL).read().decode('utf-8') + latest_json = json.loads(latest) + except Exception: + if ydl.verbose: + ydl.to_screen(encode_compat_str(traceback.format_exc())) + ydl.to_screen('ERROR: can\'t obtain versions info. Please try again later.') + return ydl.to_screen('Visit https://github.com/blackjack4494/yt-dlc/releases/latest') + + latest_version = latest_json['tag_name'] + + def download_sha256sums(): + download_url = '' + for _ in latest_json['assets']: + if 'SHA2-256SUMS' in _['name']: + download_url = _['browser_download_url'] + break + if download_url: + return ydl._opener.open(download_url).read().decode('utf-8') + else: + ydl.to_screen('ERROR: can\'t obtain SHA256SUMS. Please try again later.') + return None + + sha256sums = download_sha256sums() + sha256sums_dict = dict(_.split(':') in sha256sums for _ in sha256sums.split('\n')) + sha256sums_version = sha256sums_dict.get('version') + if sha256sums_version: + if build_hash in sha256sums_dict.values(): + ydl.to_screen('SHA256 checksum successfully validated.') + if __version__.split('.') >= sha256sums_version.split('.') and __version__.split('.') >= latest_version.split('.'): + ydl.to_screen('youtube-dlc is up to date (%s)' % __version__) + return + else: + ydl.to_screen('Something is wrong here. Trying to update anyway.') + else: + if build_hash in sha256sums_dict.values(): + ydl.to_screen('SHA256 checksum successfully validated.') + if __version__.split('.') >= latest_version.split('.'): + ydl.to_screen('youtube-dlc is up to date (%s)' % __version__) + return + + if not latest_version == sha256sums_version: + ydl.to_screen('WARNING: available youtube-dlc versions differ. Trying to update anyway.') + + ydl.to_screen('Updating to version ' + latest_version + ' ...') + + version_labels = { + 'zip_3': '', + 'exe_64': '.exe', + 'exe_32': '_x86.exe', + } + + def get_bin_info(bin_or_exe, version): + label = version_labels['%s_%s' % (bin_or_exe, version)] + return next((_ for _ in latest_json['assets'] if _['name'] == 'youtube-dlc%s' % label), {}) + + if not os.access(filename, os.W_OK): + return ydl.to_screen('no write permissions on %s' % filename) + + # PyInstaller + if hasattr(sys, 'frozen'): + exe = filename + directory = os.path.dirname(exe) + if not os.access(directory, os.W_OK): + return ydl.to_screen('no write permissions on %s' % directory) + try: + if os.path.exists(filename + '.old'): + os.remove(filename + '.old') + except (IOError, OSError): + return ydl.to_screen('unable to remove the old version') + + try: + arch = platform.architecture()[0][:2] + url = get_bin_info('exe', arch).get('browser_download_url') + if not url: + return ydl.to_screen('unable to fetch updates') + urlh = ydl._opener.open(url) + newcontent = urlh.read() + urlh.close() + except (IOError, OSError, StopIteration): + return ydl.to_screen('unable to download latest version') + + try: + with open(exe + '.new', 'wb') as outf: + outf.write(newcontent) + except (IOError, OSError): + return ydl.to_screen('unable to write the new version') + + expected_sum = sha256sums_dict.get('youtube-dlc%s' % version_labels['%s_%s' % ('exe', arch)]) + if not expected_sum: + ydl.report_warning('no hash information found for the release') + elif sha256sum(exe + '.new') != expected_sum: + ydl.to_screen('unable to verify the new executable') + try: + os.remove(exe + '.new') + except OSError: + return ydl.to_screen('unable to remove corrupt download') + + try: + os.rename(exe, exe + '.old') + except (IOError, OSError): + return ydl.to_screen('unable to move current version') + try: + os.rename(exe + '.new', exe) + except (IOError, OSError): + ydl.to_screen('unable to overwrite current version') + os.rename(exe + '.old', exe) + return + try: + # Continues to run in the background + subprocess.Popen( + 'ping 127.0.0.1 -n 5 -w 1000 & del /F "%s.old"' % exe, + shell=True, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + ydl.to_screen('Updated youtube-dlc to version %s' % latest_version) + return True # Exit app + except OSError: + ydl.to_screen('unable to delete old version') + + # Zip unix package + elif isinstance(globals().get('__loader__'), zipimporter): + try: + url = get_bin_info('zip', '3').get('browser_download_url') + if not url: + return ydl.to_screen('unable to fetch updates') + urlh = ydl._opener.open(url) + newcontent = urlh.read() + urlh.close() + except (IOError, OSError, StopIteration): + return ydl.to_screen('unable to download latest version') + + expected_sum = sha256sums_dict.get('youtube-dlc%s' % version_labels['%s_%s' % ('zip', '3')]) + if not expected_sum: + ydl.report_warning('no hash information found for the release') + elif hashlib.sha256(newcontent).hexdigest() != expected_sum: + return ydl.to_screen('unable to verify the new zip') + + try: + with open(filename, 'wb') as outf: + outf.write(newcontent) + except (IOError, OSError): + return ydl.to_screen('unable to overwrite current version') + + ydl.to_screen('Updated youtube-dlc to version %s; Restart youtube-dlc to use the new version' % latest_version) def update_self(to_screen, verbose, opener): @@ -35,7 +191,7 @@ def update_self(to_screen, verbose, opener): UPDATE_URL = 'https://blackjack4494.github.io//update/' VERSION_URL = UPDATE_URL + 'LATEST_VERSION' JSON_URL = UPDATE_URL + 'versions.json' - UPDATES_RSA_KEY = (0x9d60ee4d8f805312fdb15a62f87b95bd66177b91df176765d13514a0f1754bcd2057295c5b6f1d35daa6742c3ffc9a82d3e118861c207995a8031e151d863c9927e304576bc80692bc8e094896fcf11b66f3e29e04e3a71e9a11558558acea1840aec37fc396fb6b65dc81a1c4144e03bd1c011de62e3f1357b327d08426fe93, 65537) + # UPDATES_RSA_KEY = (0x9d60ee4d8f805312fdb15a62f87b95bd66177b91df176765d13514a0f1754bcd2057295c5b6f1d35daa6742c3ffc9a82d3e118861c207995a8031e151d863c9927e304576bc80692bc8e094896fcf11b66f3e29e04e3a71e9a11558558acea1840aec37fc396fb6b65dc81a1c4144e03bd1c011de62e3f1357b327d08426fe93, 65537) def sha256sum(): h = hashlib.sha256() @@ -83,11 +239,8 @@ def update_self(to_screen, verbose, opener): if 'signature' not in versions_info: to_screen('ERROR: the versions file is not signed or corrupted. Aborting.') return - signature = versions_info['signature'] + # signature = versions_info['signature'] del versions_info['signature'] - if not rsa_verify(json.dumps(versions_info, sort_keys=True).encode('utf-8'), signature, UPDATES_RSA_KEY): - to_screen('ERROR: the versions file signature is invalid. Aborting.') - return version_id = versions_info['latest']