KiCad PCB EDA Suite
Loading...
Searching...
No Matches
remote_symbol_download_manager.cpp
Go to the documentation of this file.
1/*
2 * This program source code file is part of KiCad, a free EDA CAD application.
3 *
4 * Copyright The KiCad Developers, see AUTHORS.txt for contributors.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 3 of the License, or (at your
9 * option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20#include <remote_symbol_download_manager.h>
21
22#include <curl/curl.h>
23#include <kicad_curl/kicad_curl_easy.h>
24#include <picosha2.h>
25#include <remote_provider_utils.h>
26#include <wx/intl.h>
27
28
29namespace
30{
31bool validateAssetUrl( const REMOTE_PROVIDER_METADATA& aProvider, const wxString& aUrl,
32 wxString& aError )
33{
34 if( !ValidateRemoteUrlSecurity( aUrl, aProvider.allow_insecure_localhost, aError,
35 _( "Remote asset URL" ) ) )
36 {
37 return false;
38 }
39
40 const wxString assetOrigin = NormalizedUrlOrigin( aUrl );
41 const wxString apiOrigin = NormalizedUrlOrigin( aProvider.api_base_url );
42 const wxString panelOrigin = NormalizedUrlOrigin( aProvider.panel_url );
43 const bool originAllowed =
44 ( !apiOrigin.IsEmpty() && assetOrigin == apiOrigin )
45 || ( !panelOrigin.IsEmpty() && assetOrigin == panelOrigin );
46
47 if( assetOrigin.IsEmpty() || !originAllowed )
48 {
49 aError = _( "Remote asset URL origin must match the selected provider." );
50 return false;
51 }
52
53 return true;
54}
55
56
57bool defaultFetchHandler( const wxString& aUrl, REMOTE_SYMBOL_FETCH_RESPONSE& aResponse, wxString& aError )
58{
59 KICAD_CURL_EASY curl;
60 curl.SetUserAgent( "KiCad-RemoteProvider/1.0" );
61 curl.SetFollowRedirects( false );
62 curl.SetConnectTimeout( 10 );
63
64 if( !curl.SetURL( aUrl.ToStdString() ) )
65 {
66 aError = wxString::Format( _( "Unable to set download URL '%s'." ), aUrl );
67 return false;
68 }
69
70 const int result = curl.Perform();
71
72 if( result != CURLE_OK )
73 {
74 aError = wxString::FromUTF8( curl.GetErrorText( result ).c_str() );
75 return false;
76 }
77
78 aResponse.status_code = curl.GetResponseStatusCode();
79
80 char* contentType = nullptr;
81 curl_easy_getinfo( static_cast<CURL*>( curl.GetCurl() ), CURLINFO_CONTENT_TYPE, &contentType );
82
83 if( contentType )
84 aResponse.content_type = wxString::FromUTF8( contentType );
85
86 const std::string& buffer = curl.GetBuffer();
87 aResponse.payload.assign( buffer.begin(), buffer.end() );
88 return true;
89}
90
91
92wxString sha256Hex( const std::vector<uint8_t>& aPayload )
93{
94 std::string hashHex;
95 picosha2::hash256_hex_string( aPayload.begin(), aPayload.end(), hashHex );
96 return wxString::FromUTF8( hashHex.c_str() );
97}
98} // namespace
99
100
105
106
111
112
113bool REMOTE_SYMBOL_DOWNLOAD_MANAGER::DownloadAndVerify( const REMOTE_PROVIDER_METADATA& aProvider,
114 const REMOTE_PROVIDER_PART_ASSET& aAsset,
115 long long aRemainingBudget,
116 REMOTE_SYMBOL_FETCHED_ASSET& aFetched,
117 wxString& aError ) const
118{
119 aFetched = REMOTE_SYMBOL_FETCHED_ASSET();
120 aError.clear();
121
122 if( aAsset.size_bytes <= 0 )
123 {
124 aError = _( "Remote asset manifest declared an invalid size." );
125 return false;
126 }
127
128 if( aAsset.sha256.IsEmpty() )
129 {
130 aError = _( "Remote asset manifest must declare sha256 for URL-based downloads." );
131 return false;
132 }
133
134 if( !validateAssetUrl( aProvider, aAsset.download_url, aError ) )
135 return false;
136
137 if( aRemainingBudget >= 0 && aAsset.size_bytes > aRemainingBudget )
138 {
139 aError = _( "Remote asset exceeds the provider download limit." );
140 return false;
141 }
142
143 REMOTE_SYMBOL_FETCH_RESPONSE response;
144
145 if( !m_handler( aAsset.download_url, response, aError ) )
146 return false;
147
148 if( response.status_code < 200 || response.status_code >= 300 )
149 {
150 aError = wxString::Format( _( "Remote download failed with HTTP %d." ), response.status_code );
151 return false;
152 }
153
154 if( response.content_type != aAsset.content_type )
155 {
156 aError = _( "Remote asset content type did not match the manifest." );
157 return false;
158 }
159
160 if( static_cast<long long>( response.payload.size() ) != aAsset.size_bytes )
161 {
162 aError = _( "Remote asset size did not match the manifest." );
163 return false;
164 }
165
166 if( aRemainingBudget >= 0 && static_cast<long long>( response.payload.size() ) > aRemainingBudget )
167 {
168 aError = _( "Remote asset exceeds the remaining download limit." );
169 return false;
170 }
171
172 if( !aAsset.sha256.IsEmpty() && !sha256Hex( response.payload ).IsSameAs( aAsset.sha256, false ) )
173 {
174 aError = _( "Remote asset digest did not match the manifest." );
175 return false;
176 }
177
178 aFetched.content_type = response.content_type;
179 aFetched.payload = std::move( response.payload );
180 return true;
181}
BITMAPS::move
@ move
Definition bitmaps_list.h:378
KICAD_CURL_EASY
Definition kicad_curl_easy.h:70
KICAD_CURL_EASY::Perform
int Perform()
Equivalent to curl_easy_perform.
Definition kicad_curl_easy.cpp:206
KICAD_CURL_EASY::SetUserAgent
bool SetUserAgent(const std::string &aAgent)
Set the request user agent.
Definition kicad_curl_easy.cpp:238
KICAD_CURL_EASY::GetResponseStatusCode
int GetResponseStatusCode()
Definition kicad_curl_easy.cpp:376
KICAD_CURL_EASY::GetBuffer
const std::string & GetBuffer()
Return a reference to the received data buffer.
Definition kicad_curl_easy.h:143
KICAD_CURL_EASY::SetURL
bool SetURL(const std::string &aURL)
Set the request URL.
Definition kicad_curl_easy.cpp:277
KICAD_CURL_EASY::SetFollowRedirects
bool SetFollowRedirects(bool aFollow)
Enable the following of HTTP(s) and other redirects, by default curl does not follow redirects.
Definition kicad_curl_easy.cpp:309
KICAD_CURL_EASY::SetConnectTimeout
bool SetConnectTimeout(long aTimeoutSecs)
Set the connection timeout in seconds.
Definition kicad_curl_easy.cpp:354
KICAD_CURL_EASY::GetCurl
CURL * GetCurl()
Definition kicad_curl_easy.h:163
KICAD_CURL_EASY::GetErrorText
const std::string GetErrorText(int aCode)
Fetch CURL's "friendly" error string for a given error code.
Definition kicad_curl_easy.cpp:232
REMOTE_SYMBOL_DOWNLOAD_MANAGER::FETCH_HANDLER
std::function< bool(const wxString &, REMOTE_SYMBOL_FETCH_RESPONSE &, wxString &)> FETCH_HANDLER
Definition remote_symbol_download_manager.h:49
REMOTE_SYMBOL_DOWNLOAD_MANAGER::m_handler
FETCH_HANDLER m_handler
Definition remote_symbol_download_manager.h:60
REMOTE_SYMBOL_DOWNLOAD_MANAGER::REMOTE_SYMBOL_DOWNLOAD_MANAGER
REMOTE_SYMBOL_DOWNLOAD_MANAGER()
Definition remote_symbol_download_manager.cpp:101
REMOTE_SYMBOL_DOWNLOAD_MANAGER::DownloadAndVerify
bool DownloadAndVerify(const REMOTE_PROVIDER_METADATA &aProvider, const REMOTE_PROVIDER_PART_ASSET &aAsset, long long aRemainingBudget, REMOTE_SYMBOL_FETCHED_ASSET &aFetched, wxString &aError) const
Definition remote_symbol_download_manager.cpp:113
_
#define _(s)
Definition eda_3d_actions.cpp:36
kicad_curl_easy.h
CURL
void CURL
Definition kicad_curl_easy.h:44
std
STL namespace.
NormalizedUrlOrigin
wxString NormalizedUrlOrigin(const wxString &aUrl)
Return a normalized scheme://host:port origin string for aUrl.
Definition remote_provider_utils.cpp:100
ValidateRemoteUrlSecurity
bool ValidateRemoteUrlSecurity(const wxString &aUrl, bool aAllowInsecureLocalhost, wxString &aError, const wxString &aLabel)
Validate that aUrl uses HTTPS, or HTTP on a loopback address when aAllowInsecureLocalhost is true.
Definition remote_provider_utils.cpp:78
remote_provider_utils.h
remote_symbol_download_manager.h
REMOTE_PROVIDER_METADATA
Definition remote_provider_metadata.h:48
REMOTE_PROVIDER_METADATA::allow_insecure_localhost
bool allow_insecure_localhost
Definition remote_provider_metadata.h:65
REMOTE_PROVIDER_METADATA::panel_url
wxString panel_url
Definition remote_provider_metadata.h:52
REMOTE_PROVIDER_METADATA::api_base_url
wxString api_base_url
Definition remote_provider_metadata.h:51
REMOTE_PROVIDER_PART_ASSET
Definition remote_provider_models.h:79
REMOTE_PROVIDER_PART_ASSET::sha256
wxString sha256
Definition remote_provider_models.h:86
REMOTE_PROVIDER_PART_ASSET::content_type
wxString content_type
Definition remote_provider_models.h:84
REMOTE_PROVIDER_PART_ASSET::size_bytes
long long size_bytes
Definition remote_provider_models.h:85
REMOTE_PROVIDER_PART_ASSET::download_url
wxString download_url
Definition remote_provider_models.h:87
REMOTE_SYMBOL_FETCHED_ASSET
Definition remote_symbol_download_manager.h:40
REMOTE_SYMBOL_FETCHED_ASSET::content_type
wxString content_type
Definition remote_symbol_download_manager.h:41
REMOTE_SYMBOL_FETCHED_ASSET::payload
std::vector< uint8_t > payload
Definition remote_symbol_download_manager.h:42
REMOTE_SYMBOL_FETCH_RESPONSE
Definition remote_symbol_download_manager.h:32
REMOTE_SYMBOL_FETCH_RESPONSE::payload
std::vector< uint8_t > payload
Definition remote_symbol_download_manager.h:35
REMOTE_SYMBOL_FETCH_RESPONSE::status_code
int status_code
Definition remote_symbol_download_manager.h:33
REMOTE_SYMBOL_FETCH_RESPONSE::content_type
wxString content_type
Definition remote_symbol_download_manager.h:34
result
wxString result
Test unit parsing edge cases and error handling.
Definition test_text_eval_numeric_compat.cpp:602