Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[vcpkg] Add sources for TLS 1.2 downloader tool. #15516

Merged
merged 10 commits into from
Jan 13, 2021
Merged

[vcpkg] Add sources for TLS 1.2 downloader tool. #15516

merged 10 commits into from
Jan 13, 2021

Conversation

BillyONeal
Copy link
Member

These are the sources for tls12-download.exe in #15474.

@BillyONeal BillyONeal added category:vcpkg-feature The issue is a new capability of the tool that doesn’t already exist and we haven’t committed info:internal This PR or Issue was filed by the vcpkg team. labels Jan 8, 2021
@BillyONeal BillyONeal mentioned this pull request Jan 8, 2021
Merged
@BillyONeal
Copy link
Member Author

This passes in official signed builds but not here because here we try to build the program with the optimizer off, which means the optimizer doesn't eliminate all the references to the CRT, and for some reason a CRT isn't being linked with despite setting MSVC_RUNTIME_LIBRARY to MultiThreaded. Will do some more investigation tomorrow...

strega-nil
strega-nil suggested changes Jan 12, 2021
View reviewed changes
Copy link
Contributor

@strega-nil strega-nil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've written comments on the C code, but not the winhttp code; I don't understand winhttp, so I don't feel comfortable making suggestions on the code using it (at least without more deep study).

The other thing I'd like to see changed is the camelCase; this project uses snek_case, and I'd like to see this rewritten to use the project's style.

ras0219
ras0219 reviewed Jan 12, 2021
View reviewed changes
Copy link
Contributor

@ras0219 ras0219 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to do better proxy handling along the lines of

vcpkg/toolsrc/src/vcpkg/base/downloads.cpp

Lines 95 to 145 in 9c63f97

auto h = WinHttpOpen(L"vcpkg/1.0",
IsWindows8Point1OrGreater() ? WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY
: WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
WINHTTP_NO_PROXY_NAME,
WINHTTP_NO_PROXY_BYPASS,
0);
if (!h) return Strings::concat("WinHttpOpen() failed: ", GetLastError());
WinHttpSession ret;
ret.m_hSession.reset(h);
// If the environment variable HTTPS_PROXY is set
// use that variable as proxy. This situation might exist when user is in a company network
// with restricted network/proxy settings
auto maybe_https_proxy_env = System::get_environment_variable("HTTPS_PROXY");
if (auto p_https_proxy = maybe_https_proxy_env.get())
{
std::wstring env_proxy_settings = Strings::to_utf16(*p_https_proxy);
WINHTTP_PROXY_INFO proxy;
proxy.dwAccessType = WINHTTP_ACCESS_TYPE_NAMED_PROXY;
proxy.lpszProxy = env_proxy_settings.data();
proxy.lpszProxyBypass = nullptr;
WinHttpSetOption(ret.m_hSession.get(), WINHTTP_OPTION_PROXY, &proxy, sizeof(proxy));
}
// Win7 IE Proxy fallback
else if (IsWindows7OrGreater() && !IsWindows8Point1OrGreater())
{
// First check if any proxy has been found automatically
WINHTTP_PROXY_INFO proxyInfo;
DWORD proxyInfoSize = sizeof(WINHTTP_PROXY_INFO);
auto noProxyFound =
!WinHttpQueryOption(ret.m_hSession.get(), WINHTTP_OPTION_PROXY, &proxyInfo, &proxyInfoSize) ||
proxyInfo.dwAccessType == WINHTTP_ACCESS_TYPE_NO_PROXY;
// If no proxy was found automatically, use IE's proxy settings, if any
if (noProxyFound)
{
WINHTTP_CURRENT_USER_IE_PROXY_CONFIG ieProxy;
if (WinHttpGetIEProxyConfigForCurrentUser(&ieProxy) && ieProxy.lpszProxy != nullptr)
{
WINHTTP_PROXY_INFO proxy;
proxy.dwAccessType = WINHTTP_ACCESS_TYPE_NAMED_PROXY;
proxy.lpszProxy = ieProxy.lpszProxy;
proxy.lpszProxyBypass = ieProxy.lpszProxyBypass;
WinHttpSetOption(ret.m_hSession.get(), WINHTTP_OPTION_PROXY, &proxy, sizeof(proxy));
GlobalFree(ieProxy.lpszProxy);
GlobalFree(ieProxy.lpszProxyBypass);
GlobalFree(ieProxy.lpszAutoConfigUrl);
}
}
}

toolsrc/src/tls12-download.c Outdated
}

write_message(hStdOut, L"\r\n");
FlushFileBuffers(hStdOut);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps it makes sense to add FlushFileBuffers() to win32_abort()?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

abort does not traditionally flush buffers; it's called in cases where e.g. memory corruption has occurred and attempting to flush is not safe.

toolsrc/src/tls12-download.c Outdated

BOOL results = FALSE;
const HINTERNET session = WinHttpOpen(
L"tls12-download/1.0", WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We probably need to do

vcpkg/toolsrc/src/vcpkg/base/downloads.cpp

Line 96 in 9c63f97

IsWindows8Point1OrGreater() ? WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY

Suggested change
L"tls12-download/1.0", WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);
L"tls12-download/1.0", IsWindows8Point1OrGreater() ? WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY : WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);

for proxy support

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IsWindows8Point1OrGreater() is false the way this program is built. Certainly for the only platform on which we intend its use.

@BillyONeal
Copy link
Member Author

@ras0219 / @ras0219-msft Considering the absolute mess wpad proxy autodetection has been for cpprestsdk I don't think we want to add that; we certainly don't care about wpad on any other platform or anywhere else in vcpkg since we regularly use curl.

@BillyONeal
Copy link
Member Author

I note that neither cmake nor curl.exe do WPAD.

@BillyONeal BillyONeal requested a review from strega-nil January 12, 2021 19:38
@strega-nil
Copy link
Contributor

strega-nil commented Jan 12, 2021
edited
Loading

This also needs an update to Format-CxxCode.ps1:

--- a/scripts/azure-pipelines/Format-CxxCode.ps1
+++ b/scripts/azure-pipelines/Format-CxxCode.ps1
@@ -37,5 +37,6 @@ try
 {
     $files = Get-ChildItem -Recurse -LiteralPath "$toolsrc/src" -Filter "*.cpp"
+    $files += Get-ChildItem -Recurse -LiteralPath "$toolsrc/src" -Filter "*.c"
     $files += Get-ChildItem -Recurse -LiteralPath "$toolsrc/include/vcpkg" -Filter '*.h'
     $files += Get-ChildItem -Recurse -LiteralPath "$toolsrc/include/vcpkg-test" -Filter '*.h'
     $files += Get-Item "$toolsrc/include/pch.h"

strega-nil
strega-nil suggested changes Jan 12, 2021
View reviewed changes
toolsrc/CMakeLists.txt Outdated
@@ -198,3 +203,11 @@ if(CLANG_FORMAT)

COMMAND ${CLANG_FORMAT} -i -verbose ${VCPKG_FUZZ_SOURCES})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
COMMAND ${CLANG_FORMAT} -i -verbose ${VCPKG_FUZZ_SOURCES})
COMMAND ${CLANG_FORMAT} -i -verbose ${VCPKG_FUZZ_SOURCES}
COMMAND ${CLANG_FORMAT} -i -verbose ${TLS12_DOWNLOAD_SOURCES})

toolsrc/src/tls12-download.c Outdated
* hello world program that does link with the CRT is ~300kb)
*/

void __declspec(noreturn) win32_abort() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's no reason for these to have external linkage; I'd prefer they be marked static.

toolsrc/src/tls12-download.c Outdated
}

DWORD httpCode = 0;
DWORD unused = sizeof(DWORD);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
DWORD unused = sizeof(DWORD);
DWORD httpCodeSize = sizeof httpCode;

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alternatively, see next comment.

toolsrc/src/tls12-download.c Outdated

if (httpCode != 200)
{
write_message(stdOut, L"Download failed, server returned HTTP status ");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
write_message(stdOut, L"Download failed, server returned HTTP status ");
write_message(stdOut, L"Download failed, server returned HTTP status: ");

@ras0219-msft
Copy link
Contributor

I'm ok with skipping WPAD if we add support for %HTTPS_PROXY% (which curl & cmake do support).

@BillyONeal BillyONeal requested a review from strega-nil January 13, 2021 05:16
@BillyONeal BillyONeal merged commit 4da47f7 into microsoft:master Jan 13, 2021
@BillyONeal BillyONeal deleted the add_tls_downloader_tool branch January 15, 2021 22:18
strega-nil pushed a commit to strega-nil/vcpkg that referenced this pull request May 5, 2021
@BillyONeal
[vcpkg] Add sources for TLS 1.2 downloader tool. (microsoft#15516)
44b1c9f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ras0219 ras0219 ras0219 left review comments

@strega-nil strega-nil strega-nil approved these changes

Assignees
No one assigned
Labels
category:vcpkg-feature The issue is a new capability of the tool that doesn’t already exist and we haven’t committed info:internal This PR or Issue was filed by the vcpkg team.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@BillyONeal @strega-nil @ras0219-msft @ras0219