-
-
Notifications
You must be signed in to change notification settings - Fork 9
/
install.go
434 lines (357 loc) · 12.3 KB
/
install.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
// Copyright (c) Liam Stanley <liam@liam.sh>. All rights reserved. Use of
// this source code is governed by the MIT license that can be found in
// the LICENSE file.
package ytdlp
import (
"bufio"
"bytes"
"context"
"crypto/sha256"
_ "embed"
"fmt"
"io"
"net/http"
"os"
"os/exec"
"path/filepath"
"runtime"
"strings"
"sync"
"sync/atomic"
"time"
"github.com/ProtonMail/go-crypto/openpgp"
)
const (
xdgCacheDir = "go-ytdlp" // Cache directory that will be appended to the XDG cache directory.
downloadTimeout = 30 * time.Second // HTTP timeout for downloading the yt-dlp binary.
)
var (
//go:embed ytdlp-public.key
ytdlpPublicKey []byte // From: https://github.com/yt-dlp/yt-dlp/blob/master/public.key
resolveCache = atomic.Pointer[ResolvedInstall]{} // Should only be used by [Install].
installLock sync.Mutex
binConfigs = map[string]struct {
src string
dest []string
}{
"darwin_amd64": {"yt-dlp_macos", []string{"yt-dlp-" + Version, "yt-dlp"}},
"darwin_arm64": {"yt-dlp_macos", []string{"yt-dlp-" + Version, "yt-dlp"}},
"linux_amd64": {"yt-dlp_linux", []string{"yt-dlp-" + Version, "yt-dlp"}},
"linux_arm64": {"yt-dlp_linux_aarch64", []string{"yt-dlp-" + Version, "yt-dlp"}},
"linux_armv7l": {"yt-dlp_linux_armv7l", []string{"yt-dlp-" + Version, "yt-dlp"}},
"linux_unknown": {"yt-dlp", []string{"yt-dlp-" + Version, "yt-dlp"}},
"windows_amd64": {"yt-dlp.exe", []string{"yt-dlp-" + Version + ".exe", "yt-dlp.exe"}},
}
)
// getDownloadBinary returns the source and destination binary names for the
// current runtime. If the current runtime is not supported, an error is
// returned. dest will always be returned (it will be an assumption).
func getDownloadBinary() (src string, dest []string, err error) {
if binary, ok := binConfigs[runtime.GOOS+"_"+runtime.GOARCH]; ok {
return binary.src, binary.dest, nil
}
if runtime.GOOS == "linux" {
return binConfigs["linux_unknown"].src, binConfigs["linux_unknown"].dest, nil
}
var supported []string
for k := range binConfigs {
supported = append(supported, k)
}
if runtime.GOOS == "windows" {
dest = []string{"yt-dlp.exe"}
} else {
dest = []string{"yt-dlp"}
}
return "", dest, fmt.Errorf("unsupported os/arch combo: %s/%s (supported: %s)", runtime.GOOS, runtime.GOARCH, strings.Join(supported, ", "))
}
// InstallOptions are configuration options for installing yt-dlp dynamically (when
// it's not already installed).
type InstallOptions struct {
// DisableDownload is a simple toggle to never allow downloading, which would
// be the same as never calling [Install] or [MustInstall] in the first place.
DisableDownload bool
// DisableChecksum disables checksum verification when downloading.
DisableChecksum bool
// AllowVersionMismatch allows mismatched versions to be used and installed.
// This will only be used when the yt-dlp executable is resolved outside of
// go-ytdlp's cache.
//
// AllowVersionMismatch is ignored if DisableDownload is true.
AllowVersionMismatch bool
// DownloadURL is the exact url to the binary location to download (and store).
// Leave empty to use GitHub + auto-detected os/arch.
DownloadURL string
}
func downloadFile(ctx context.Context, url, dest string, perms os.FileMode) error {
f, err := os.OpenFile(dest, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, perms)
if err != nil {
return fmt.Errorf("unable to create go-ytdlp dependent cache file %q: %w", dest, err)
}
defer f.Close()
// Download the binary.
client := &http.Client{Timeout: downloadTimeout}
req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, http.NoBody)
if err != nil {
return fmt.Errorf("unable to download go-ytdlp dependent file %q: request creation: %w", dest, err)
}
req.Header.Set("User-Agent", fmt.Sprintf("github.com/lrstanley/go-ytdlp; version/%s", Version))
resp, err := client.Do(req)
if err != nil {
return fmt.Errorf("unable to download go-ytdlp dependent file %q: %w", dest, err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return fmt.Errorf("unable to download go-ytdlp dependent file %q: bad status: %s", dest, resp.Status)
}
_, err = f.ReadFrom(resp.Body)
if err != nil {
return fmt.Errorf("unable to download go-ytdlp dependent file %q: streaming data: %w", dest, err)
}
err = f.Close()
if err != nil {
return fmt.Errorf("unable to download go-ytdlp dependent file %q: closing file: %w", dest, err)
}
return nil
}
func githubReleaseAsset(name string) string {
return fmt.Sprintf("https://github.com/yt-dlp/yt-dlp/releases/download/%s/%s", Version, name)
}
// verifyFileChecksum will verify the checksum of the target file, using the
// checksum file and signature file. If the checksum does not match, an error
// is returned. If the checksum file wasn't signed with the bundled public key,
// an error is also returned.
//
// - checksum file is expected to be SHA256.
// - checkAgainst is the name that we should compare to, that will be in the checksum
// file. If empty, it will use the base name of targetPath.
func verifyFileChecksum(checksumPath, signaturePath, targetPath, checkAgainst string) error {
if checkAgainst == "" {
checkAgainst = filepath.Base(targetPath)
}
// First validate that the checksum has been properly signed using the known key.
keyBuf := bytes.NewBuffer(ytdlpPublicKey)
signatureFile, err := os.Open(signaturePath)
if err != nil {
return err
}
defer signatureFile.Close()
checksumFile, err := os.Open(checksumPath)
if err != nil {
return err
}
defer checksumFile.Close()
targetFile, err := os.Open(targetPath)
if err != nil {
return err
}
defer targetFile.Close()
keyring, err := openpgp.ReadArmoredKeyRing(keyBuf)
if err != nil {
return fmt.Errorf("unable to read armored key ring: %w", err)
}
_, err = openpgp.CheckDetachedSignature(keyring, checksumFile, signatureFile, nil)
if err != nil {
return fmt.Errorf("unable to check detached signature: %w", err)
}
// Now make sure the checksum from checksumFile matches the target file.
hash := sha256.New()
if _, err = io.Copy(hash, targetFile); err != nil {
return err
}
sum := fmt.Sprintf("%x", hash.Sum(nil))
_, err = checksumFile.Seek(0, 0)
if err != nil {
return err
}
scanner := bufio.NewScanner(checksumFile)
for scanner.Scan() {
fields := strings.Fields(scanner.Text())
if len(fields) != 2 { //nolint:gomnd
continue
}
if fields[1] == checkAgainst {
if fields[0] != sum {
return fmt.Errorf("checksum mismatch: expected %s, got %s", fields[0], sum)
}
return nil
}
}
return fmt.Errorf("unable to find checksum for %s", filepath.Base(targetPath))
}
// Install will check to see if yt-dlp is installed (if it's the right version),
// and if not, will download it from GitHub. If yt-dlp is already installed, it will
// check to see if the version matches (unless disabled with [AllowVersionMismatch]),
// and if not, will download the same version that go-ytdlp (the version you are using)
// was built with.
//
// Note: If [Install] is not called, go-ytdlp WILL NOT DOWNLOAD yt-dlp. Only use
// this function if you want to ensure yt-dlp is installed, and are ok with it being
// downloaded.
func Install(ctx context.Context, opts *InstallOptions) (*ResolvedInstall, error) {
if opts == nil {
opts = &InstallOptions{}
}
if r := resolveCache.Load(); r != nil {
return r, nil
}
// Ensure only one install invocation is running at a time.
installLock.Lock()
defer installLock.Unlock()
resolved, err := resolveExecutable(false, false)
if err == nil {
if opts.AllowVersionMismatch {
resolveCache.Store(resolved)
return resolved, nil
}
if resolved.Version == Version {
resolveCache.Store(resolved)
return resolved, nil
}
// If we're not allowed to download, and the version doesn't match, return
// an error.
if opts.DisableDownload {
return nil, fmt.Errorf("yt-dlp version mismatch: expected %s, got %s", Version, resolved.Version)
}
}
if opts.DisableDownload {
return nil, fmt.Errorf("yt-dlp executable not found, and downloading is disabled")
}
src, dest, err := getDownloadBinary()
if err != nil {
return nil, err
}
downloadURL := opts.DownloadURL
if downloadURL == "" {
downloadURL = githubReleaseAsset(src)
}
baseCacheDir, err := os.UserCacheDir()
if err != nil {
return nil, fmt.Errorf("unable to get user cache dir: %w", err)
}
dir := filepath.Join(baseCacheDir, xdgCacheDir)
err = os.MkdirAll(dir, 0o750)
if err != nil {
return nil, fmt.Errorf("unable to create yt-dlp executable cache directory: %w", err)
}
err = downloadFile(ctx, downloadURL, filepath.Join(dir, dest[0]+".tmp"), 0o750) //nolint:gomnd
if err != nil {
return nil, err
}
if !opts.DisableChecksum {
err = downloadFile(ctx, githubReleaseAsset("SHA2-256SUMS"), filepath.Join(dir, "SHA2-256SUMS-"+Version), 0o640) //nolint:gomnd
if err != nil {
return nil, err
}
err = downloadFile(ctx, githubReleaseAsset("SHA2-256SUMS.sig"), filepath.Join(dir, "SHA2-256SUMS-"+Version+".sig"), 0o640) //nolint:gomnd
if err != nil {
return nil, err
}
err = verifyFileChecksum(
filepath.Join(dir, "SHA2-256SUMS-"+Version),
filepath.Join(dir, "SHA2-256SUMS-"+Version+".sig"),
filepath.Join(dir, dest[0]+".tmp"),
src,
)
if err != nil {
return nil, err
}
}
// Rename the file to the correct name.
err = os.Rename(filepath.Join(dir, dest[0]+".tmp"), filepath.Join(dir, dest[0]))
if err != nil {
return nil, fmt.Errorf("unable to rename yt-dlp executable: %w", err)
}
// re-resolve now that we've downloaded the binary, and validated things.
resolved, err = resolveExecutable(false, true)
if err != nil {
return nil, err
}
resolveCache.Store(resolved)
return resolved, nil
}
// MustInstall is the same as [Install], but will panic if an error occurs (essentially
// ensuring yt-dlp is installed, before continuing), and doesn't return any results.
func MustInstall(ctx context.Context, opts *InstallOptions) {
_, err := Install(ctx, opts)
if err != nil {
panic(err)
}
}
// resolveExecutable will attempt to resolve the yt-dlp executable, either from
// the go-ytdlp cache (first), or from the PATH (second). If it's not found, an
// error is returned.
func resolveExecutable(fromCache, calleeIsDownloader bool) (r *ResolvedInstall, err error) {
if fromCache {
r = resolveCache.Load()
if r != nil {
return r, nil
}
}
_, dest, _ := getDownloadBinary() // don't check error yet.
var stat os.FileInfo
var bin, baseCacheDir string
baseCacheDir, err = os.UserCacheDir()
if err == nil {
// Check out cache dirs first.
for _, d := range dest {
bin = filepath.Join(baseCacheDir, xdgCacheDir, d)
stat, err = os.Stat(bin)
if err != nil {
continue
}
if !stat.IsDir() && (stat.Mode().Perm()&0o100 != 0 || stat.Mode().Perm()&0o010 != 0 || stat.Mode().Perm()&0o001 != 0) {
r = &ResolvedInstall{
Executable: bin,
FromCache: true,
Downloaded: calleeIsDownloader,
}
if calleeIsDownloader {
r.Version = Version
} else {
err = r.getVersion()
if err != nil {
return nil, err
}
}
return r, nil
}
}
}
// Check PATH for the binary.
for _, d := range dest {
bin, err = exec.LookPath(d)
if err == nil {
r = &ResolvedInstall{
Executable: bin,
FromCache: false,
Downloaded: false,
}
err = r.getVersion()
if err != nil {
return nil, err
}
return r, nil
}
}
// Will pick the last error, which is likely without the version suffix, what we want.
return nil, fmt.Errorf("unable to resolve yt-dlp executable: %w", err)
}
// ResolvedInstall is the found yt-dlp executable.
type ResolvedInstall struct {
Executable string // Path to the yt-dlp executable.
Version string // Version of yt-dlp that was resolved. If [InstallOptions.AllowVersionMismatch] is specified, this will be empty.
FromCache bool // Whether the executable was resolved from the cache.
Downloaded bool // Whether the executable was downloaded during this invocation.
}
// getVersion returns true if the resolved version of yt-dlp matches the version
// that go-ytdlp was built with.
func (r *ResolvedInstall) getVersion() error {
var stdout bytes.Buffer
cmd := exec.Command(r.Executable, "--version") //nolint:gosec
cmd.Stdout = &stdout
if err := cmd.Run(); err != nil {
return fmt.Errorf("unable to run yt-dlp to verify version: %w", err)
}
r.Version = strings.TrimSpace(stdout.String())
return nil
}