From e017c2dfa68f139dd419462ff81566eb5398b034 Mon Sep 17 00:00:00 2001 From: Martin Wimpress Date: Tue, 16 Apr 2024 19:18:15 +0100 Subject: [PATCH] refactor: update download_windows_server() based on Mido --- quickget | 46 +++++++++++++++++++++++++++++++++++++--------- 1 file changed, 37 insertions(+), 9 deletions(-) diff --git a/quickget b/quickget index 7514d1c..1cd0219 100755 --- a/quickget +++ b/quickget @@ -3449,11 +3449,17 @@ function download_windows_server() { local url="https://www.microsoft.com/en-us/evalcenter/download-$windows_version" - local iso_download_page_html="$(curl --silent --location --fail --proto =https --tlsv1.2 --http1.1 -- "$url")" || { + local iso_download_page_html="$(curl --silent --location --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url")" || { handle_curl_error $? return $? } + if ! [ "$iso_download_page_html" ]; then + # This should only happen if there's been some change to where this download page is located + echo " - Windows server download page gave us an empty response" + return 1 + fi + local CULTURE="" local COUNTRY="" local PRETTY_RELEASE="" @@ -3504,24 +3510,46 @@ function download_windows_server() { COUNTRY="US";; esac - iso_download_links="$(echo "$iso_download_page_html" | grep -o "https://go.microsoft.com/fwlink/p/?LinkID=[0-9]\+&clcid=0x[0-9a-z]\+&culture=$CULTURE&country=$COUNTRY" | head -c 1024)" + iso_download_links="$(echo "$iso_download_page_html" | grep -o "https://go.microsoft.com/fwlink/p/?LinkID=[0-9]\+&clcid=0x[0-9a-z]\+&culture=$CULTURE&country=$COUNTRY")" || { + # This should only happen if there's been some change to the download endpoint web address + echo "- Windows server download page gave us no download link" + return 1 + } + + # Limit untrusted size for input validation + iso_download_links="$(echo "$iso_download_links" | head -c 1024)" case "$enterprise_type" in + # Select x64 download link + "enterprise") iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;; # Select x64 LTSC download link "ltsc") iso_download_link=$(echo "$iso_download_links" | head -n 4 | tail -n 1) ;; *) iso_download_link="$iso_download_links" ;; esac - iso_download_link="$(curl --silent --location --output /dev/null --silent --write-out "%{url_effective}" --head --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_download_link")" + # Follow redirect so proceeding log message is useful + # This is a request we make this Fido doesn't + # We don't need to set "--max-filesize" here because this is a HEAD request and the output is to /dev/null anyway + iso_download_link="$(curl --silent --location --output /dev/null --silent --write-out "%{url_effective}" --head --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_download_link")" || { + # This should only happen if the Microsoft servers are down + handle_curl_error $? + return $? + } - if [ "${COUNTRY}" != "US" ]; then - echo Downloading $(pretty_name "${OS}") ${PRETTY_RELEASE} in "${LANG}" from "$iso_download_link" - else - echo Downloading $(pretty_name "${OS}") ${PRETTY_RELEASE} from "$iso_download_link" - fi + # Limit untrusted size for input validation + iso_download_link="$(echo "$iso_download_link" | head -c 1024)" + echo "Downloading $(pretty_name "${OS}") ${PRETTY_RELEASE} (${LANG}): $iso_download_link" + + # Use highest TLS version for endpoints that support it + case "$iso_download_link" in + "https://download.microsoft.com"*) tls_version="1.2" ;; + *) tls_version="1.3" ;; + esac + + # Download ISO FILE_NAME="${iso_download_link##*/}" - web_get "$iso_download_link" "${VM_PATH}" "${FILE_NAME}" + curl_windows "${VM_PATH}" "${FILE_NAME}" "$tls_version" "$iso_download_link" OS="windows-server" }