| 327 | } |
| 328 | |
| 329 | pub async fn download( |
| 330 | message: &str, |
| 331 | config: Arc<RwLock<ClientConfig>>, |
| 332 | url: &str, |
| 333 | path: &Path, |
| 334 | command_rx: &mut mpsc::Receiver<Message>, |
| 335 | result_tx: &mpsc::Sender<Message>, |
| 336 | ) -> Result<()> { |
| 337 | info!("Downloading {} to {:?}", url, path); |
| 338 | |
| 339 | let mut client = ClientBuilder::default(); |
| 340 | |
| 341 | let danger_accept_invalid_certs = config |
| 342 | .read() |
| 343 | .transport |
| 344 | .tls |
| 345 | .as_ref() |
| 346 | .and_then(|tls| tls.danger_ignore_certificate_verification) |
| 347 | .unwrap_or(false); |
| 348 | |
| 349 | if let Some(tls) = &config.read().transport.tls { |
| 350 | let roots = load_roots(tls).context("Failed to load client config")?; |
| 351 | for cert_der in roots { |
| 352 | let cert = Certificate::from_der(&cert_der)?; |
| 353 | client = client.add_root_certificate(cert); |
| 354 | } |
| 355 | if tls.danger_ignore_certificate_verification.unwrap_or(false) { |
| 356 | client = client.danger_accept_invalid_certs(danger_accept_invalid_certs); |
| 357 | } |
| 358 | } |
| 359 | |
| 360 | let client = match client.build() { |
| 361 | Ok(client) => client, |
| 362 | Err(e) => { |
| 363 | error!( |
| 364 | "Failed to create reqwest client with system certificates: {:?}", |
| 365 | e |
| 366 | ); |
| 367 | warn!("Using default reqwest client"); |
| 368 | reqwest::Client::builder() |
| 369 | .danger_accept_invalid_certs(danger_accept_invalid_certs) |
| 370 | .build() |
| 371 | .context("Failed to create defaut reqwest client")? |
| 372 | } |
| 373 | }; |
| 374 | |
| 375 | // Reqwest setup |
| 376 | let res = client |
| 377 | .get(url) |
| 378 | .send() |
| 379 | .await |
| 380 | .context(format!("Failed to GET from '{}'", &url))?; |
| 381 | |
| 382 | // Check if response status is 200 OK |
| 383 | if !res.status().is_success() { |
| 384 | bail!("HTTP request failed with status: {}", res.status()); |
| 385 | } |
| 386 | |