mirror/vcpkg
1
0
Fork 0
mirror of https://github.com/microsoft/vcpkg.git synced 2025-06-06 23:56:16 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

[vcpkg] Restrict telemetry uploads to TLS 1.2 (#11213)

Browse Source 
* [vcpkg] Restrict telemetry uploads to TLS 1.2, as required by Azure security policy.

Co-authored-by: nicole mazzuca <mazzucan@outlook.com>
This commit is contained in:
Billy O'Neal 2020-05-07 14:20:14 -07:00 committed by GitHub
parent b07e46b368
commit d7d410b50b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/bootstrap.sh
View File

@ -100,7 +100,7 @@ vcpkgDownloadFile()
url=$1; downloadPath=$2 sha512=$3 url=$1; downloadPath=$2 sha512=$3
vcpkgCheckRepoTool "curl" vcpkgCheckRepoTool "curl"
rm -rf "$downloadPath.part" rm -rf "$downloadPath.part"
curl -L $url --create-dirs --retry 3 --output "$downloadPath.part" || exit 1 curl -L $url --tlsv1.2 --create-dirs --retry 3 --output "$downloadPath.part" || exit 1
vcpkgCheckEqualFileHash $url "$downloadPath.part" $sha512 vcpkgCheckEqualFileHash $url "$downloadPath.part" $sha512
mv "$downloadPath.part" "$downloadPath" mv "$downloadPath.part" "$downloadPath"

4
toolsrc/CMakeLists.txt
View File

@ -114,6 +114,9 @@ file(GLOB_RECURSE VCPKGLIB_SOURCES CONFIGURE_DEPENDS src/vcpkg/*.cpp)
add_library(vcpkglib OBJECT ${VCPKGLIB_SOURCES}) add_library(vcpkglib OBJECT ${VCPKGLIB_SOURCES})
add_executable(vcpkg src/vcpkg.cpp $<TARGET_OBJECTS:vcpkglib>) add_executable(vcpkg src/vcpkg.cpp $<TARGET_OBJECTS:vcpkglib>)
if(WIN32)
add_executable(vcpkgmetricsuploader WIN32 src/vcpkgmetricsuploader.cpp $<TARGET_OBJECTS:vcpkglib>)
endif()
if (BUILD_TESTING) if (BUILD_TESTING)
file(GLOB_RECURSE VCPKGTEST_SOURCES CONFIGURE_DEPENDS src/vcpkg-test/*.cpp) file(GLOB_RECURSE VCPKGTEST_SOURCES CONFIGURE_DEPENDS src/vcpkg-test/*.cpp)
@ -154,4 +157,3 @@ if(MSVC)
target_sources(vcpkglib PRIVATE src/pch.cpp) target_sources(vcpkglib PRIVATE src/pch.cpp)
target_compile_options(vcpkglib PRIVATE /Yupch.h /FIpch.h /Zm200) target_compile_options(vcpkglib PRIVATE /Yupch.h /FIpch.h /Zm200)
endif() endif()

11
toolsrc/src/vcpkg/metrics.cpp
View File

@ -315,9 +315,15 @@ namespace vcpkg::Metrics
const HINTERNET session = WinHttpOpen( const HINTERNET session = WinHttpOpen(
L"vcpkg/1.0", WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0); L"vcpkg/1.0", WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);
if (session) connect = WinHttpConnect(session, L"dc.services.visualstudio.com", INTERNET_DEFAULT_HTTPS_PORT, 0);
unsigned long secure_protocols = WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2;
if (session && WinHttpSetOption(session, WINHTTP_OPTION_SECURE_PROTOCOLS, &secure_protocols, sizeof(DWORD)))
{
connect = WinHttpConnect(session, L"dc.services.visualstudio.com", INTERNET_DEFAULT_HTTPS_PORT, 0);
}
if (connect) if (connect)
{
request = WinHttpOpenRequest(connect, request = WinHttpOpenRequest(connect,
L"POST", L"POST",
L"/v2/track", L"/v2/track",
@ -325,6 +331,7 @@ namespace vcpkg::Metrics
WINHTTP_NO_REFERER, WINHTTP_NO_REFERER,
WINHTTP_DEFAULT_ACCEPT_TYPES, WINHTTP_DEFAULT_ACCEPT_TYPES,
WINHTTP_FLAG_SECURE); WINHTTP_FLAG_SECURE);
}
if (request) if (request)
{ {
@ -448,7 +455,7 @@ namespace vcpkg::Metrics
#else #else
auto escaped_path = Strings::escape_string(vcpkg_metrics_txt_path.u8string(), '\'', '\\'); auto escaped_path = Strings::escape_string(vcpkg_metrics_txt_path.u8string(), '\'', '\\');
const std::string cmd_line = Strings::format( const std::string cmd_line = Strings::format(
R"((curl "https://dc.services.visualstudio.com/v2/track" -H "Content-Type: application/json" -X POST --data '@%s' >/dev/null 2>&1; rm '%s') &)", R"((curl "https://dc.services.visualstudio.com/v2/track" -H "Content-Type: application/json" -X POST --tlsv1.2 --data '@%s' >/dev/null 2>&1; rm '%s') &)",
escaped_path, escaped_path,
escaped_path); escaped_path);
System::cmd_execute_clean(cmd_line); System::cmd_execute_clean(cmd_line);