oSoWoSo/DistroHopper
1
0
Fork 0
mirror of https://github.com/oSoWoSo/DistroHopper.git synced 2024-08-14 22:46:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

quickget: get_windows: validate that download url leads to microsoft cdn (#455)

Browse source 
For windows downloads hashes aren't validated via hashes. Let's at least
validate that downloads are coming from microsoft via https.

Signed-off-by: Steffen Dirkwinkel <me@steffen.cc>
This commit is contained in:
Steffen Dirkwinkel 2022-07-24 02:09:19 +02:00 committed by GitHub
parent 68729159cb
commit c1c5e27538
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
quickget
View file

@ -1687,9 +1687,17 @@ function get_windows() {
dbg_windows "${DOWNLOAD_SHA1}"
DOWNLOAD_ID=$(echo "${DOWNLOAD_INFO}" | grep -oP '(?<=https:\/\/tb\.rg-adguard\.net/dl\.php\?go=)[0-9a-z]+')
dbg_windows "${DOWNLOAD_ID}"
DOWNLOAD_URL="https://tb.rg-adguard.net/dl.php?go=${DOWNLOAD_ID}"
REDIRECT_URL="https://tb.rg-adguard.net/dl.php?go=${DOWNLOAD_ID}"
dbg_windows "${REDIRECT_URL}"
DOWNLOAD_URL=$(curl --head --silent --write-out "%{redirect_url}\n" --output /dev/null "${REDIRECT_URL}")
dbg_windows "${DOWNLOAD_URL}"
MS_BASE_URL="https://software.download.prss.microsoft.com/"
if [[ ! ${DOWNLOAD_URL} =~ ^${MS_BASE_URL} ]]; then
echo "Download URL not leading to Microsoft CDN"
exit 1
fi
echo "Downloading ${WINDOWS_NAME}..."
web_get "${DOWNLOAD_URL}" "${VM_PATH}" "${FILE_NAME}"