XmrigUpdater and DaemonUpdater carried byte-identical libcurl code —
httpGet, downloadToFile, and the write/progress callbacks — including the
security-critical TLS-verify (SSL_VERIFYPEER=1 / SSL_VERIFYHOST=2) and
max-body-size options, duplicated across two signature-verified
download-and-execute files that had to be hand-kept in sync.
Hoist that machinery into src/util/http_download.{h,cpp}:
- util::httpGetString(url, logTag)
- util::httpDownloadToFile(url, dest, logTag, maxBytes, onProgress)
threading progress + cancellation through a std::function (returning false
aborts the transfer) instead of the class `this` pointer. Each updater's
httpGet/downloadToFile become one-line forwarders that bind their own log
tag and archive-size cap (64 MiB miner / 256 MiB node, both preserved).
Every curl option is preserved byte-identically (verified by diffing the
setopt lines against the pre-change code — the only deltas are the
now-parameterized MAXFILESIZE cap and the XFERINFODATA payload). No behavior
change; the TLS/size-guard options now live in exactly one place.
Deliberately scoped DOWN per the audit's own guidance: the divergent
per-updater logic (release DTOs/parsers, checksum-table parsing, version
compare, and installResolved's per-member-SHA vs transitive-trust verify,
install strategy, and chmod scope) stays in each class — NOT merged behind a
base-class/virtual-hook layer, which would raise review cost on
signature-verified execute-code and risk a subtle security regression. The
shared-DTO/parser consolidation (~77 test refs of churn on stable code) is
left as a separate, lower-value follow-up.
Full-node + Lite build clean; ctest 1/1; source-hygiene clean.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
35 lines
1.7 KiB
C++
35 lines
1.7 KiB
C++
// DragonX Wallet - ImGui Edition
|
|
// Copyright 2024-2026 The Hush Developers
|
|
// Released under the GPLv3
|
|
//
|
|
// Shared libcurl download primitives for the in-app updaters (miner + daemon). Both the
|
|
// XmrigUpdater and DaemonUpdater workers issued byte-identical libcurl GET/download code —
|
|
// including the security-critical TLS-verify and max-body-size options. Sharing it here means
|
|
// those options are defined exactly once, so a curl/TLS change can't silently drift between the
|
|
// two signature-verified download-and-execute paths. The header stays curl-free (callers that
|
|
// only download don't need <curl/curl.h>).
|
|
|
|
#pragma once
|
|
|
|
#include <functional>
|
|
#include <string>
|
|
|
|
namespace dragonx {
|
|
namespace util {
|
|
|
|
// GET `url` over TLS (peer + host verified) into a string. Follows redirects; 30s transfer /
|
|
// 15s connect timeout; browser-agnostic User-Agent. Returns "" on ANY failure (curl error or
|
|
// non-2xx status). `logTag` (e.g. "[xmrig-updater]") prefixes the debug log on failure.
|
|
std::string httpGetString(const std::string& url, const char* logTag);
|
|
|
|
// Download `url` over TLS (peer + host verified) to `destPath`, refusing bodies larger than
|
|
// `maxBytes` (a defense ahead of the checksum/signature check). `onProgress(downloaded, total)`
|
|
// is invoked live during the transfer; returning false aborts it (used for cancellation). On
|
|
// any failure the partial file is removed and false is returned. `logTag` prefixes debug logs.
|
|
bool httpDownloadToFile(const std::string& url, const std::string& destPath,
|
|
const char* logTag, long long maxBytes,
|
|
const std::function<bool(double downloaded, double total)>& onProgress);
|
|
|
|
} // namespace util
|
|
} // namespace dragonx
|