Created
March 11, 2016 15:44
-
-
Save bradfitz/5c17a11e1f631e81073c to your computer and use it in GitHub Desktop.
program to download Go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"bytes" | |
"crypto/x509" | |
"encoding/hex" | |
"flag" | |
"io" | |
"log" | |
"net/http" | |
"os" | |
"path" | |
"strings" | |
) | |
var ( | |
guessFilename = flag.Bool("O", false, "guess filename") | |
outFile = flag.String("o", "", "filename to write to; if blank, stdout") | |
) | |
func main() { | |
flag.Parse() | |
if flag.NArg() != 1 { | |
log.Fatal("Usage: dlgo <URL>") | |
} | |
u := flag.Arg(0) | |
if !strings.HasPrefix(u, "https://storage.googleapis.com/golang/") { | |
log.Fatalf("Invalid Go URL %q; doesn't start with https://storage.googleapis.com/golang/") | |
} | |
if *guessFilename { | |
if *outFile != "" { | |
log.Fatalf("incompatible options -o and -O") | |
} | |
*outFile = path.Base(u) | |
} | |
of := os.Stdout | |
if *outFile != "" { | |
var err error | |
of, err = os.Create(*outFile) | |
if err != nil { | |
log.Fatal(err) | |
} | |
} | |
// Google Internet Authority G2, valid until end of 2016 | |
googCASig, err := hex.DecodeString("" + | |
"aafaa920cd6a6783ed5ed47ede1dc47fe0250600" + | |
"c524fba9c82d6d7ede9d82652c816334663ee952" + | |
"c208b4cb2ff75f993a6a9c507a85058c7dd12a48" + | |
"84d3096c7cc2cd359ff382ee52de685fe4008a17" + | |
"2096f7298d9a4dcba8de86c80d6f5687037d033f" + | |
"dcfa797d2119f9c83a2f51768cc74192718f25ce" + | |
"37f84a4c0023efc43510aee02380737c4d342ec8" + | |
"6e90d6101e9984731a70f2ed550eee1706ea67ee" + | |
"32eb2cdd67073ff68bc270de5b00e6bb1bd3361a" + | |
"226c6cb035426c90093d93e96409220e85069fc2" + | |
"7321d3e65f80e48d85223a7303b1608eae68e2f4" + | |
"3e97e76012096836de3ad6e243955b378192811f" + | |
"bb8dd7ad5264165796d95e347ec835d8", | |
) | |
if err != nil { | |
log.Fatal(err) | |
} | |
req, _ := http.NewRequest("GET", u, nil) | |
res, err := http.DefaultTransport.RoundTrip(req) | |
if err != nil { | |
log.Fatal(err) | |
} | |
if res.TLS == nil { | |
log.Fatalf("Not TLS") | |
} | |
sawGoog := false | |
for _, verifiedChain := range res.TLS.VerifiedChains { | |
for _, cert := range verifiedChain { | |
if cert.IsCA && | |
cert.Subject.CommonName == "Google Internet Authority G2" && | |
cert.SignatureAlgorithm == x509.SHA256WithRSA && | |
bytes.Equal(cert.Signature, googCASig) { | |
sawGoog = true | |
break | |
} | |
} | |
} | |
if !sawGoog { | |
log.Fatalf("didn't see Google's CA cert in the TLS chain") | |
} | |
if res.StatusCode != 200 { | |
log.Fatalf("Invalid response status code: %v", res.Status) | |
} | |
if _, err := io.Copy(of, res.Body); err != nil { | |
log.Fatal(err) | |
} | |
if err := of.Close(); err != nil { | |
log.Fatal(err) | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment