You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

89 lines
3.4 KiB

  1. #!/usr/bin/env python
  2. import sys, os
  3. import json, hashlib
  4. try:
  5. import urllib.request as compat_urllib_request
  6. except ImportError: # Python 2
  7. import urllib2 as compat_urllib_request
  8. def rsa_verify(message, signature, key):
  9. from struct import pack
  10. from hashlib import sha256
  11. from sys import version_info
  12. def b(x):
  13. if version_info[0] == 2: return x
  14. else: return x.encode('latin1')
  15. assert(type(message) == type(b('')))
  16. block_size = 0
  17. n = key[0]
  18. while n:
  19. block_size += 1
  20. n >>= 8
  21. signature = pow(int(signature, 16), key[1], key[0])
  22. raw_bytes = []
  23. while signature:
  24. raw_bytes.insert(0, pack("B", signature & 0xFF))
  25. signature >>= 8
  26. signature = (block_size - len(raw_bytes)) * b('\x00') + b('').join(raw_bytes)
  27. if signature[0:2] != b('\x00\x01'): return False
  28. signature = signature[2:]
  29. if not b('\x00') in signature: return False
  30. signature = signature[signature.index(b('\x00'))+1:]
  31. if not signature.startswith(b('\x30\x31\x30\x0D\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20')): return False
  32. signature = signature[19:]
  33. if signature != sha256(message).digest(): return False
  34. return True
  35. sys.stderr.write(u'Hi! We changed distribution method and now youtube-dl needs to update itself one more time.\n')
  36. sys.stderr.write(u'This will only happen once. Simply press enter to go on. Sorry for the trouble!\n')
  37. sys.stderr.write(u'From now on, get the binaries from http://rg3.github.com/youtube-dl/download.html, not from the git repository.\n\n')
  38. try:
  39. raw_input()
  40. except NameError: # Python 3
  41. input()
  42. filename = sys.argv[0]
  43. UPDATE_URL = "http://rg3.github.com/youtube-dl/update/"
  44. VERSION_URL = UPDATE_URL + 'LATEST_VERSION'
  45. JSON_URL = UPDATE_URL + 'versions.json'
  46. UPDATES_RSA_KEY = (0x9d60ee4d8f805312fdb15a62f87b95bd66177b91df176765d13514a0f1754bcd2057295c5b6f1d35daa6742c3ffc9a82d3e118861c207995a8031e151d863c9927e304576bc80692bc8e094896fcf11b66f3e29e04e3a71e9a11558558acea1840aec37fc396fb6b65dc81a1c4144e03bd1c011de62e3f1357b327d08426fe93, 65537)
  47. if not os.access(filename, os.W_OK):
  48. sys.exit('ERROR: no write permissions on %s' % filename)
  49. try:
  50. versions_info = compat_urllib_request.urlopen(JSON_URL).read().decode('utf-8')
  51. versions_info = json.loads(versions_info)
  52. except:
  53. sys.exit(u'ERROR: can\'t obtain versions info. Please try again later.')
  54. if not 'signature' in versions_info:
  55. sys.exit(u'ERROR: the versions file is not signed or corrupted. Aborting.')
  56. signature = versions_info['signature']
  57. del versions_info['signature']
  58. if not rsa_verify(json.dumps(versions_info, sort_keys=True).encode('utf-8'), signature, UPDATES_RSA_KEY):
  59. sys.exit(u'ERROR: the versions file signature is invalid. Aborting.')
  60. version = versions_info['versions'][versions_info['latest']]
  61. try:
  62. urlh = compat_urllib_request.urlopen(version['bin'][0])
  63. newcontent = urlh.read()
  64. urlh.close()
  65. except (IOError, OSError) as err:
  66. sys.exit('ERROR: unable to download latest version')
  67. newcontent_hash = hashlib.sha256(newcontent).hexdigest()
  68. if newcontent_hash != version['bin'][1]:
  69. sys.exit(u'ERROR: the downloaded file hash does not match. Aborting.')
  70. try:
  71. with open(filename, 'wb') as outf:
  72. outf.write(newcontent)
  73. except (IOError, OSError) as err:
  74. sys.exit('ERROR: unable to overwrite current version')
  75. sys.stderr.write(u'Done! Now you can run youtube-dl.\n')