mirror of
https://github.com/safing/portmaster
synced 2025-09-02 02:29:12 +00:00
80664d1a27
* Move portbase into monorepo * Add new simple module mgr * [WIP] Switch to new simple module mgr * Add StateMgr and more worker variants * [WIP] Switch more modules * [WIP] Switch more modules * [WIP] swtich more modules * [WIP] switch all SPN modules * [WIP] switch all service modules * [WIP] Convert all workers to the new module system * [WIP] add new task system to module manager * [WIP] Add second take for scheduling workers * [WIP] Add FIXME for bugs in new scheduler * [WIP] Add minor improvements to scheduler * [WIP] Add new worker scheduler * [WIP] Fix more bug related to new module system * [WIP] Fix start handing of the new module system * [WIP] Improve startup process * [WIP] Fix minor issues * [WIP] Fix missing subsystem in settings * [WIP] Initialize managers in constructor * [WIP] Move module event initialization to constrictors * [WIP] Fix setting for enabling and disabling the SPN module * [WIP] Move API registeration into module construction * [WIP] Update states mgr for all modules * [WIP] Add CmdLine operation support * Add state helper methods to module group and instance * Add notification and module status handling to status package * Fix starting issues * Remove pilot widget and update security lock to new status data * Remove debug logs * Improve http server shutdown * Add workaround for cleanly shutting down firewall+netquery * Improve logging * Add syncing states with notifications for new module system * Improve starting, stopping, shutdown; resolve FIXMEs/TODOs * [WIP] Fix most unit tests * Review new module system and fix minor issues * Push shutdown and restart events again via API * Set sleep mode via interface * Update example/template module * [WIP] Fix spn/cabin unit test * Remove deprecated UI elements * Make log output more similar for the logging transition phase * Switch spn hub and observer cmds to new module system * Fix log sources * Make worker mgr less error prone * Fix tests and minor issues * Fix observation hub * Improve shutdown and restart handling * Split up big connection.go source file * Move varint and dsd packages to structures repo * Improve expansion test * Fix linter warnings * Fix interception module on windows * Fix linter errors --------- Co-authored-by: Vladimir Stoilov <vladimir@safing.io>
318 lines
7.9 KiB
Go
318 lines
7.9 KiB
Go
package updates
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"flag"
|
|
"fmt"
|
|
"net/url"
|
|
"runtime"
|
|
"time"
|
|
|
|
"github.com/safing/portmaster/base/database"
|
|
"github.com/safing/portmaster/base/dataroot"
|
|
"github.com/safing/portmaster/base/log"
|
|
"github.com/safing/portmaster/base/updater"
|
|
"github.com/safing/portmaster/service/mgr"
|
|
"github.com/safing/portmaster/service/updates/helper"
|
|
)
|
|
|
|
const (
|
|
onWindows = runtime.GOOS == "windows"
|
|
|
|
enableSoftwareUpdatesKey = "core/automaticUpdates"
|
|
enableIntelUpdatesKey = "core/automaticIntelUpdates"
|
|
|
|
// ModuleName is the name of the update module
|
|
// and can be used when declaring module dependencies.
|
|
ModuleName = "updates"
|
|
|
|
// VersionUpdateEvent is emitted every time a new
|
|
// version of a monitored resource is selected.
|
|
// During module initialization VersionUpdateEvent
|
|
// is also emitted.
|
|
VersionUpdateEvent = "active version update"
|
|
|
|
// ResourceUpdateEvent is emitted every time the
|
|
// updater successfully performed a resource update.
|
|
// ResourceUpdateEvent is emitted even if no new
|
|
// versions are available. Subscribers are expected
|
|
// to check if new versions of their resources are
|
|
// available by checking File.UpgradeAvailable().
|
|
ResourceUpdateEvent = "resource update"
|
|
)
|
|
|
|
var (
|
|
registry *updater.ResourceRegistry
|
|
|
|
userAgentFromFlag string
|
|
updateServerFromFlag string
|
|
|
|
updateASAP bool
|
|
disableTaskSchedule bool
|
|
|
|
db = database.NewInterface(&database.Options{
|
|
Local: true,
|
|
Internal: true,
|
|
})
|
|
|
|
// UserAgent is an HTTP User-Agent that is used to add
|
|
// more context to requests made by the registry when
|
|
// fetching resources from the update server.
|
|
UserAgent = fmt.Sprintf("Portmaster (%s %s)", runtime.GOOS, runtime.GOARCH)
|
|
|
|
// DefaultUpdateURLs defines the default base URLs of the update server.
|
|
DefaultUpdateURLs = []string{
|
|
"https://updates.safing.io",
|
|
}
|
|
|
|
// DisableSoftwareAutoUpdate specifies whether software updates should be disabled.
|
|
// This is used on Android, as it will never require binary updates.
|
|
DisableSoftwareAutoUpdate = false
|
|
)
|
|
|
|
const (
|
|
updatesDirName = "updates"
|
|
|
|
updateTaskRepeatDuration = 1 * time.Hour
|
|
)
|
|
|
|
func init() {
|
|
flag.StringVar(&updateServerFromFlag, "update-server", "", "set an alternative update server (full URL)")
|
|
flag.StringVar(&userAgentFromFlag, "update-agent", "", "set an alternative user agent for requests to the update server")
|
|
}
|
|
|
|
func prep() error {
|
|
// Check if update server URL supplied via flag is a valid URL.
|
|
if updateServerFromFlag != "" {
|
|
u, err := url.Parse(updateServerFromFlag)
|
|
if err != nil {
|
|
return fmt.Errorf("supplied update server URL is invalid: %w", err)
|
|
}
|
|
if u.Scheme != "https" {
|
|
return errors.New("supplied update server URL must use HTTPS")
|
|
}
|
|
}
|
|
|
|
if err := registerConfig(); err != nil {
|
|
return err
|
|
}
|
|
|
|
return registerAPIEndpoints()
|
|
}
|
|
|
|
func start() error {
|
|
initConfig()
|
|
|
|
module.restartWorkerMgr.Repeat(10 * time.Minute)
|
|
module.instance.Config().EventConfigChange.AddCallback("update registry config", updateRegistryConfig)
|
|
|
|
// create registry
|
|
registry = &updater.ResourceRegistry{
|
|
Name: ModuleName,
|
|
UpdateURLs: DefaultUpdateURLs,
|
|
UserAgent: UserAgent,
|
|
MandatoryUpdates: helper.MandatoryUpdates(),
|
|
AutoUnpack: helper.AutoUnpackUpdates(),
|
|
Verification: helper.VerificationConfig,
|
|
DevMode: devMode(),
|
|
Online: true,
|
|
}
|
|
// Override values from flags.
|
|
if userAgentFromFlag != "" {
|
|
registry.UserAgent = userAgentFromFlag
|
|
}
|
|
if updateServerFromFlag != "" {
|
|
registry.UpdateURLs = []string{updateServerFromFlag}
|
|
}
|
|
|
|
// pre-init state
|
|
updateStateExport, err := LoadStateExport()
|
|
if err != nil {
|
|
log.Debugf("updates: failed to load exported update state: %s", err)
|
|
} else if updateStateExport.UpdateState != nil {
|
|
err := registry.PreInitUpdateState(*updateStateExport.UpdateState)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
// initialize
|
|
err = registry.Initialize(dataroot.Root().ChildDir(updatesDirName, 0o0755))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// register state provider
|
|
err = registerRegistryStateProvider()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
registry.StateNotifyFunc = pushRegistryState
|
|
|
|
// Set indexes based on the release channel.
|
|
warning := helper.SetIndexes(
|
|
registry,
|
|
initialReleaseChannel,
|
|
true,
|
|
enableSoftwareUpdates() && !DisableSoftwareAutoUpdate,
|
|
enableIntelUpdates(),
|
|
)
|
|
if warning != nil {
|
|
log.Warningf("updates: %s", warning)
|
|
}
|
|
|
|
err = registry.LoadIndexes(module.m.Ctx())
|
|
if err != nil {
|
|
log.Warningf("updates: failed to load indexes: %s", err)
|
|
}
|
|
|
|
err = registry.ScanStorage("")
|
|
if err != nil {
|
|
log.Warningf("updates: error during storage scan: %s", err)
|
|
}
|
|
|
|
registry.SelectVersions()
|
|
module.EventVersionsUpdated.Submit(struct{}{})
|
|
|
|
// Initialize the version export - this requires the registry to be set up.
|
|
err = initVersionExport()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// start updater task
|
|
if !disableTaskSchedule {
|
|
_ = module.updateWorkerMgr.Repeat(30 * time.Minute)
|
|
}
|
|
|
|
if updateASAP {
|
|
module.updateWorkerMgr.Go()
|
|
}
|
|
|
|
// react to upgrades
|
|
if err := initUpgrader(); err != nil {
|
|
return err
|
|
}
|
|
|
|
warnOnIncorrectParentPath()
|
|
|
|
return nil
|
|
}
|
|
|
|
// TriggerUpdate queues the update task to execute ASAP.
|
|
func TriggerUpdate(forceIndexCheck, downloadAll bool) error {
|
|
switch {
|
|
case !forceIndexCheck && !enableSoftwareUpdates() && !enableIntelUpdates():
|
|
return errors.New("automatic updating is disabled")
|
|
|
|
default:
|
|
if forceIndexCheck {
|
|
forceCheck.Set()
|
|
}
|
|
if downloadAll {
|
|
forceDownload.Set()
|
|
}
|
|
|
|
// If index check if forced, start quicker.
|
|
module.updateWorkerMgr.Go()
|
|
}
|
|
|
|
log.Debugf("updates: triggering update to run as soon as possible")
|
|
return nil
|
|
}
|
|
|
|
// DisableUpdateSchedule disables the update schedule.
|
|
// If called, updates are only checked when TriggerUpdate()
|
|
// is called.
|
|
func DisableUpdateSchedule() error {
|
|
// TODO: Updater state should be always on
|
|
// switch module.Status() {
|
|
// case modules.StatusStarting, modules.StatusOnline, modules.StatusStopping:
|
|
// return errors.New("module already online")
|
|
// }
|
|
|
|
disableTaskSchedule = true
|
|
|
|
return nil
|
|
}
|
|
|
|
func checkForUpdates(ctx *mgr.WorkerCtx) (err error) {
|
|
// Set correct error if context was canceled.
|
|
defer func() {
|
|
select {
|
|
case <-ctx.Done():
|
|
err = context.Canceled
|
|
default:
|
|
}
|
|
}()
|
|
|
|
// Get flags.
|
|
forceIndexCheck := forceCheck.SetToIf(true, false)
|
|
downloadAll := forceDownload.SetToIf(true, false)
|
|
|
|
// Check again if downloading updates is enabled, or forced.
|
|
if !forceIndexCheck && !enableSoftwareUpdates() && !enableIntelUpdates() {
|
|
log.Warningf("updates: automatic updates are disabled")
|
|
return nil
|
|
}
|
|
|
|
defer func() {
|
|
// Resolve any error and send success notification.
|
|
if err == nil {
|
|
log.Infof("updates: successfully checked for updates")
|
|
notifyUpdateSuccess(forceIndexCheck)
|
|
return
|
|
}
|
|
|
|
// Log and notify error.
|
|
log.Errorf("updates: check failed: %s", err)
|
|
notifyUpdateCheckFailed(forceIndexCheck, err)
|
|
}()
|
|
|
|
if err = registry.UpdateIndexes(ctx.Ctx()); err != nil {
|
|
err = fmt.Errorf("failed to update indexes: %w", err)
|
|
return //nolint:nakedret // TODO: Would "return err" work with the defer?
|
|
}
|
|
|
|
err = registry.DownloadUpdates(ctx.Ctx(), downloadAll)
|
|
if err != nil {
|
|
err = fmt.Errorf("failed to download updates: %w", err)
|
|
return //nolint:nakedret // TODO: Would "return err" work with the defer?
|
|
}
|
|
|
|
registry.SelectVersions()
|
|
|
|
// Unpack selected resources.
|
|
err = registry.UnpackResources()
|
|
if err != nil {
|
|
err = fmt.Errorf("failed to unpack updates: %w", err)
|
|
return //nolint:nakedret // TODO: Would "return err" work with the defer?
|
|
}
|
|
|
|
// Purge old resources
|
|
registry.Purge(2)
|
|
|
|
module.EventResourcesUpdated.Submit(struct{}{})
|
|
return nil
|
|
}
|
|
|
|
func stop() error {
|
|
if registry != nil {
|
|
err := registry.Cleanup()
|
|
if err != nil {
|
|
log.Warningf("updates: failed to clean up registry: %s", err)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// RootPath returns the root path used for storing updates.
|
|
func RootPath() string {
|
|
// if !module.Online() {
|
|
// return ""
|
|
// }
|
|
|
|
return registry.StorageDir().Path
|
|
}
|