search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #24470 from fuzzard/release_20.3
[xbmc.git] / xbmc / addons / Repository.cpp
blob6708e71c2aff74d2fd297212bbd3b5c9eb17f535
1 /*
2 * Copyright (C) 2005-2018 Team Kodi
3 * This file is part of Kodi - https://kodi.tv
4 *
5 * SPDX-License-Identifier: GPL-2.0-or-later
6 * See LICENSES/README.md for more information.
7 */
8
9 #include "Repository.h"
10
11 #include "FileItem.h"
12 #include "ServiceBroker.h"
13 #include "URL.h"
14 #include "addons/AddonDatabase.h"
15 #include "addons/AddonInstaller.h"
16 #include "addons/AddonManager.h"
17 #include "addons/RepositoryUpdater.h"
18 #include "addons/addoninfo/AddonInfo.h"
19 #include "addons/addoninfo/AddonType.h"
20 #include "filesystem/CurlFile.h"
21 #include "filesystem/File.h"
22 #include "filesystem/ZipFile.h"
23 #include "messaging/helpers/DialogHelper.h"
24 #include "utils/Base64.h"
25 #include "utils/Digest.h"
26 #include "utils/Mime.h"
27 #include "utils/StringUtils.h"
28 #include "utils/URIUtils.h"
29 #include "utils/XBMCTinyXML.h"
30 #include "utils/log.h"
31
32 #include <algorithm>
33 #include <iterator>
34 #include <tuple>
35 #include <utility>
36
37 using namespace XFILE;
38 using namespace ADDON;
39 using namespace KODI::MESSAGING;
40 using KODI::UTILITY::CDigest;
41 using KODI::UTILITY::TypedDigest;
42
43
44 CRepository::ResolveResult CRepository::ResolvePathAndHash(const AddonPtr& addon) const
45 {
46 std::string const& path = addon->Path();
47
48 auto dirIt = std::find_if(m_dirs.begin(), m_dirs.end(), [&path](RepositoryDirInfo const& dir) {
49 return URIUtils::PathHasParent(path, dir.datadir, true);
50 });
51 if (dirIt == m_dirs.end())
52 {
53 CLog::Log(LOGERROR, "Requested path {} not found in known repository directories", path);
54 return {};
55 }
56
57 if (dirIt->hashType == CDigest::Type::INVALID)
58 {
59 // We have a path, but need no hash
60 return {path, {}};
61 }
62
63 // Do not follow mirror redirect, we want the headers of the redirect response
64 CURL url{path};
65 url.SetProtocolOption("redirect-limit", "0");
66 CCurlFile file;
67 if (!file.Open(url))
68 {
69 CLog::Log(LOGERROR, "Could not fetch addon location and hash from {}", path);
70 return {};
71 }
72
73 std::string hashTypeStr = CDigest::TypeToString(dirIt->hashType);
74
75 // Return the location from the header so we don't have to look it up again
76 // (saves one request per addon install)
77 std::string location = file.GetRedirectURL();
78 // content-* headers are base64, convert to base16
79 TypedDigest hash{dirIt->hashType, StringUtils::ToHexadecimal(Base64::Decode(file.GetHttpHeader().GetValue(std::string("content-") + hashTypeStr)))};
80
81 if (hash.Empty())
82 {
83 int tmp;
84 // Expected hash, but none found -> fall back to old method
85 if (!FetchChecksum(path + "." + hashTypeStr, hash.value, tmp) || hash.Empty())
86 {
87 CLog::Log(LOGERROR, "Failed to find hash for {} from HTTP header and in separate file", path);
88 return {};
89 }
90 }
91 if (location.empty())
92 {
93 // Fall back to original URL if we do not get a redirect
94 location = path;
95 }
96
97 CLog::Log(LOGDEBUG, "Resolved addon path {} to {} hash {}", path, location, hash.value);
98
99 return {location, hash};
100 }
101
102 CRepository::CRepository(const AddonInfoPtr& addonInfo) : CAddon(addonInfo, AddonType::REPOSITORY)
103 {
104 RepositoryDirList dirs;
105 CAddonVersion version;
106 AddonInfoPtr addonver =
107 CServiceBroker::GetAddonMgr().GetAddonInfo("xbmc.addon", AddonType::UNKNOWN);
108 if (addonver)
109 version = addonver->Version();
110
111 for (const auto& element : Type(AddonType::REPOSITORY)->GetElements("dir"))
112 {
113 RepositoryDirInfo dir = ParseDirConfiguration(element.second);
114 if ((dir.minversion.empty() || version >= dir.minversion) &&
115 (dir.maxversion.empty() || version <= dir.maxversion))
116 m_dirs.push_back(std::move(dir));
117 }
118
119 // old (dharma compatible) way of defining the addon repository structure, is no longer supported
120 // we error out so the user knows how to migrate. The <dir> way is supported since gotham.
121 //! @todo remove if block completely in v21
122 if (!Type(AddonType::REPOSITORY)->GetValue("info").empty())
123 {
124 CLog::Log(LOGERROR,
125 "Repository add-on {} uses old schema definition for the repository extension point! "
126 "This is no longer supported, please update your addon to use <dir> definitions.",
127 ID());
128 }
129
130 if (m_dirs.empty())
131 {
132 CLog::Log(LOGERROR,
133 "Repository add-on {} does not have any directory and won't be able to update/serve "
134 "addons! Please fix the addon.xml definition",
135 ID());
136 }
137
138 for (auto const& dir : m_dirs)
139 {
140 CURL datadir(dir.datadir);
141 if (datadir.IsProtocol("http"))
142 {
143 CLog::Log(LOGWARNING, "Repository add-on {} uses plain HTTP for add-on downloads in path {} - this is insecure and will make your Kodi installation vulnerable to attacks if enabled!", ID(), datadir.GetRedacted());
144 }
145 else if (datadir.IsProtocol("https") && datadir.HasProtocolOption("verifypeer") && datadir.GetProtocolOption("verifypeer") == "false")
146 {
147 CLog::Log(LOGWARNING, "Repository add-on {} disabled peer verification for add-on downloads in path {} - this is insecure and will make your Kodi installation vulnerable to attacks if enabled!", ID(), datadir.GetRedacted());
148 }
149 }
150 }
151
152 bool CRepository::FetchChecksum(const std::string& url,
153 std::string& checksum,
154 int& recheckAfter) noexcept
155 {
156 CFile file;
157 if (!file.Open(url))
158 return false;
159
160 // we intentionally avoid using file.GetLength() for
161 // Transfer-Encoding: chunked servers.
162 std::stringstream ss;
163 char temp[1024];
164 int read;
165 while ((read = file.Read(temp, sizeof(temp))) > 0)
166 ss.write(temp, read);
167 if (read <= -1)
168 return false;
169 checksum = ss.str();
170 std::size_t pos = checksum.find_first_of(" \n");
171 if (pos != std::string::npos)
172 {
173 checksum = checksum.substr(0, pos);
174 }
175
176 // Determine update interval from (potential) HTTP response
177 // Default: 24 h
178 recheckAfter = 24 * 60 * 60;
179 // This special header is set by the Kodi mirror redirector to control client update frequency
180 // depending on the load on the mirrors
181 const std::string recheckAfterHeader{
182 file.GetProperty(FILE_PROPERTY_RESPONSE_HEADER, "X-Kodi-Recheck-After")};
183 if (!recheckAfterHeader.empty())
184 {
185 try
186 {
187 // Limit value range to sensible values (1 hour to 1 week)
188 recheckAfter =
189 std::max(std::min(std::stoi(recheckAfterHeader), 24 * 7 * 60 * 60), 1 * 60 * 60);
190 }
191 catch (...)
192 {
193 CLog::Log(LOGWARNING, "Could not parse X-Kodi-Recheck-After header value '{}' from {}",
194 recheckAfterHeader, url);
195 }
196 }
197
198 return true;
199 }
200
201 bool CRepository::FetchIndex(const RepositoryDirInfo& repo,
202 std::string const& digest,
203 std::vector<AddonInfoPtr>& addons) noexcept
204 {
205 XFILE::CCurlFile http;
206
207 std::string response;
208 if (!http.Get(repo.info, response))
209 {
210 CLog::Log(LOGERROR, "CRepository: failed to read {}", repo.info);
211 return false;
212 }
213
214 if (repo.checksumType != CDigest::Type::INVALID)
215 {
216 std::string actualDigest = CDigest::Calculate(repo.checksumType, response);
217 if (!StringUtils::EqualsNoCase(digest, actualDigest))
218 {
219 CLog::Log(LOGERROR, "CRepository: {} index has wrong digest {}, expected: {}", repo.info, actualDigest, digest);
220 return false;
221 }
222 }
223
224 if (URIUtils::HasExtension(repo.info, ".gz")
225 || CMime::GetFileTypeFromMime(http.GetProperty(XFILE::FILE_PROPERTY_MIME_TYPE)) == CMime::EFileType::FileTypeGZip)
226 {
227 CLog::Log(LOGDEBUG, "CRepository '{}' is gzip. decompressing", repo.info);
228 std::string buffer;
229 if (!CZipFile::DecompressGzip(response, buffer))
230 {
231 CLog::Log(LOGERROR, "CRepository: failed to decompress gzip from '{}'", repo.info);
232 return false;
233 }
234 response = std::move(buffer);
235 }
236
237 return CServiceBroker::GetAddonMgr().AddonsFromRepoXML(repo, response, addons);
238 }
239
240 CRepository::FetchStatus CRepository::FetchIfChanged(const std::string& oldChecksum,
241 std::string& checksum,
242 std::vector<AddonInfoPtr>& addons,
243 int& recheckAfter) const
244 {
245 checksum = "";
246 std::vector<std::tuple<RepositoryDirInfo const&, std::string>> dirChecksums;
247 std::vector<int> recheckAfterTimes;
248
249 for (const auto& dir : m_dirs)
250 {
251 if (!dir.checksum.empty())
252 {
253 std::string part;
254 int recheckAfterThisDir;
255 if (!FetchChecksum(dir.checksum, part, recheckAfterThisDir))
256 {
257 recheckAfter = 1 * 60 * 60; // retry after 1 hour
258 CLog::Log(LOGERROR, "CRepository: failed read '{}'", dir.checksum);
259 return STATUS_ERROR;
260 }
261 dirChecksums.emplace_back(dir, part);
262 recheckAfterTimes.push_back(recheckAfterThisDir);
263 checksum += part;
264 }
265 }
266
267 // Default interval: 24 h
268 recheckAfter = 24 * 60 * 60;
269 if (dirChecksums.size() == m_dirs.size() && !dirChecksums.empty())
270 {
271 // Use smallest update interval out of all received (individual intervals per directory are
272 // not possible)
273 recheckAfter = *std::min_element(recheckAfterTimes.begin(), recheckAfterTimes.end());
274 // If all directories have checksums and they match the last one, nothing has changed
275 if (dirChecksums.size() == m_dirs.size() && oldChecksum == checksum)
276 return STATUS_NOT_MODIFIED;
277 }
278
279 for (const auto& dirTuple : dirChecksums)
280 {
281 std::vector<AddonInfoPtr> tmp;
282 if (!FetchIndex(std::get<0>(dirTuple), std::get<1>(dirTuple), tmp))
283 return STATUS_ERROR;
284 addons.insert(addons.end(), tmp.begin(), tmp.end());
285 }
286 return STATUS_OK;
287 }
288
289 RepositoryDirInfo CRepository::ParseDirConfiguration(const CAddonExtensions& configuration)
290 {
291 RepositoryDirInfo dir;
292 dir.checksum = configuration.GetValue("checksum").asString();
293 std::string checksumStr = configuration.GetValue("checksum@verify").asString();
294 if (!checksumStr.empty())
295 {
296 dir.checksumType = CDigest::TypeFromString(checksumStr);
297 }
298 dir.info = configuration.GetValue("info").asString();
299 dir.datadir = configuration.GetValue("datadir").asString();
300 dir.artdir = configuration.GetValue("artdir").asString();
301 if (dir.artdir.empty())
302 {
303 dir.artdir = dir.datadir;
304 }
305
306 std::string hashStr = configuration.GetValue("hashes").asString();
307 StringUtils::ToLower(hashStr);
308 if (hashStr == "true")
309 {
310 // Deprecated alias
311 hashStr = "md5";
312 }
313 if (!hashStr.empty() && hashStr != "false")
314 {
315 dir.hashType = CDigest::TypeFromString(hashStr);
316 if (dir.hashType == CDigest::Type::MD5)
317 {
318 CLog::Log(LOGWARNING, "CRepository::{}: Repository has MD5 hashes enabled - this hash function is broken and will only guard against unintentional data corruption", __FUNCTION__);
319 }
320 }
321
322 dir.minversion = CAddonVersion{configuration.GetValue("@minversion").asString()};
323 dir.maxversion = CAddonVersion{configuration.GetValue("@maxversion").asString()};
324
325 return dir;
326 }
XBMC Media Center