diff --git a/setup/linux-installer.py b/setup/linux-installer.py index bc035e2b91..32916913c2 100644 --- a/setup/linux-installer.py +++ b/setup/linux-installer.py @@ -13,7 +13,6 @@ from contextlib import closing is64bit = platform.architecture()[0] == '64bit' url = 'http://status.calibre-ebook.com/dist/linux'+('64' if is64bit else '32') -signature_url = 'http://code.calibre-ebook.com/signatures/%s.sha512' url = os.environ.get('CALIBRE_INSTALLER_LOCAL_URL', url) py3 = sys.version_info[0] > 2 enc = getattr(sys.stdout, 'encoding', 'UTF-8') or 'utf-8' @@ -609,7 +608,7 @@ def extract_tarball(raw, destdir): def get_tarball_info(): global signature, calibre_version print ('Downloading tarball signature securely...') - raw = get_https_resource_securely('https://status.calibre-ebook.com/tarball-info/' + + raw = get_https_resource_securely('https://code.calibre-ebook.com/tarball-info/' + ('x86_64' if is64bit else 'i686')) signature, calibre_version = raw.rpartition(b'@')[::2] if not signature or not calibre_version: diff --git a/setup/upload.py b/setup/upload.py index 09fe8130ae..58a86b5e5a 100644 --- a/setup/upload.py +++ b/setup/upload.py @@ -282,16 +282,10 @@ class UploadToServer(Command): # {{{ def run(self, opts): upload_signatures() - check_call('gpg --armor --detach-sign dist/calibre-*.tar.xz', - shell=True) - check_call('scp dist/calibre-*.tar.xz.asc divok:%s/signatures/'%DOWNLOADS, - shell=True) - check_call('ssh divok /usr/local/bin/update-calibre', - shell=True) - check_call('''ssh divok echo %s \\> %s/latest_version''' - %(__version__, DOWNLOADS), shell=True) - check_call('ssh divok /etc/init.d/apache2 graceful', - shell=True) + check_call('gpg --armor --detach-sign dist/calibre-*.tar.xz', shell=True) + check_call('scp dist/calibre-*.tar.xz.asc code:/srv/code/signatures/', shell=True) + check_call('ssh code /etc/cron.hourly/update-calibre-code.py'.split()) + check_call(('ssh code /apps/update-calibre-version.py ' + __version__).split()) # }}} # Testing {{{ diff --git a/src/calibre/gui2/update.py b/src/calibre/gui2/update.py index 04d3b21f5f..97fed98b15 100644 --- a/src/calibre/gui2/update.py +++ b/src/calibre/gui2/update.py @@ -1,22 +1,22 @@ __license__ = 'GPL v3' __copyright__ = '2008, Kovid Goyal ' -import re, binascii, cPickle +import re, binascii, cPickle, ssl from future_builtins import map from threading import Thread, Event from PyQt5.Qt import (QObject, pyqtSignal, Qt, QUrl, QDialog, QGridLayout, QLabel, QCheckBox, QDialogButtonBox, QIcon, QPixmap) -import mechanize from calibre.constants import (__appname__, __version__, iswindows, isosx, isportable, is64bit, numeric_version) -from calibre import browser, prints, as_unicode +from calibre import prints, as_unicode from calibre.utils.config import prefs +from calibre.utils.https import get_https_resource_securely from calibre.gui2 import config, dynamic, open_url from calibre.gui2.dialogs.plugin_updater import get_plugin_updates_available -URL = 'http://status.calibre-ebook.com/latest' +URL = 'https://code.calibre-ebook.com/latest' # URL = 'http://localhost:8000/latest' NO_CALIBRE_UPDATE = (0, 0, 0) @@ -28,13 +28,21 @@ def get_download_url(): return 'http://calibre-ebook.com/download_' + which def get_newest_version(): - br = browser() - req = mechanize.Request(URL) - req.add_header('CALIBRE_VERSION', __version__) - req.add_header('CALIBRE_OS', - 'win' if iswindows else 'osx' if isosx else 'oth') - req.add_header('CALIBRE_INSTALL_UUID', prefs['installation_uuid']) - version = br.open(req).read().strip() + headers={ + 'CALIBRE-VERSION':__version__, + 'CALIBRE-OS': ('win' if iswindows else 'osx' if isosx else 'oth'), + 'CALIBRE-INSTALL-UUID': prefs['installation_uuid'] + } + try: + version = get_https_resource_securely(URL, headers=headers) + except ssl.SSLError as err: + if getattr(err, 'reason', None) != 'CERTIFICATE_VERIFY_FAILED': + raise + # certificate verification failed, since the version check contains no + # critical information, ignore and proceed + # We have to do this as if the calibre CA certificate ever + # needs to be revoked, then we wont be able to do version checks + version = get_https_resource_securely(URL, headers=headers, cacerts=None) try: version = version.decode('utf-8').strip() except UnicodeDecodeError: