Created /NOSSL option that prevents redirects to HTTPS (breaks XP)

Contrib/Inetc/inetc.cpp

@@ -131,6 +131,9 @@
 * Nadahar
 *     Mar 08, 2018 - 1.0.5.4
 *              Created 4. download dialog option: /modernpopup
+* Nadahar
+*     Sep 21, 2018 - 1.0.5.5
+*              Created /NOSSL option that prevents redirects to HTTPS (which breaks Windows XP)
 *******************************************************/
 
 
@@ -139,6 +142,7 @@
 #include <windows.h>
 //#include <tchar.h>
 #include <wininet.h>
+#include <shlwapi.h>
 #include <commctrl.h>
 #include "pluginapi.h"
 #include "resource.h"
@@ -179,9 +183,8 @@ FTP_CMD myFtpCommand;
 #define PROXY_AUTH_HDR TEXT("Proxy-authorization: basic %s")
 
 //#define MY_WEAKSECURITY_CERT_FLAGS SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_REVOCATION | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID | SECURITY_FLAG_IGNORE_CERT_CN_INVALID
-#define MY_WEAKSECURITY_CERT_FLAGS SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_REVOCATION
-#define MY_REDIR_FLAGS INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP | INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS
-#define MY_HTTPS_FLAGS (MY_REDIR_FLAGS | INTERNET_FLAG_SECURE)
+#define MY_WEAKSECURITY_CERT_FLAGS INTERNET_FLAG_IGNORE_CERT_CN_INVALID | INTERNET_FLAG_IGNORE_CERT_DATE_INVALID | INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP
+#define MY_HTTPS_FLAGS (INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS | INTERNET_FLAG_SECURE)
 
 enum STATUS_CODES {
 	ST_OK = 0,
@@ -191,6 +194,7 @@ enum STATUS_CODES {
 	ST_URLOPEN,
 	// ST_OPENING,
 	ST_PAUSE,
+	ST_REDIRECT,
 	ERR_TERMINATED,
 	ERR_DIALOG,
 	ERR_INETOPEN,
@@ -215,19 +219,20 @@ enum STATUS_CODES {
 	ERR_CREATEDIR,
 	ERR_PATH,
 	ERR_NOTMODIFIED,
-	ERR_REDIRECTION
+	ERR_REDIRECTION,
+	ERR_REL_REDIRECTION
 };
 
 
-static TCHAR szStatus[][32] = {
+static TCHAR szStatus[][34] = {
 	TEXT("OK"),TEXT("Connecting"),TEXT("Downloading"),TEXT("Cancelled"),TEXT("Connecting"), //TEXT("Opening URL")),
-	TEXT("Reconnect Pause"),TEXT("Terminated"),TEXT("Dialog Error"),TEXT("Open Internet Error"),
+	TEXT("Reconnect Pause"),TEXT("Redirecting"),TEXT("Terminated"),TEXT("Dialog Error"),TEXT("Open Internet Error"),
 	TEXT("Open URL Error"),TEXT("Transfer Error"),TEXT("File Open Error"),TEXT("File Write Error"),TEXT("File Read Error"),
 	TEXT("Reget Error"),TEXT("Connection Error"),TEXT("OpenRequest Error"),TEXT("SendRequest Error"),
 	TEXT("URL Parts Error"),TEXT("File Not Found (404)"),TEXT("CreateThread Error"),TEXT("Proxy Error (407)"),
 	TEXT("Access Forbidden (403)"),TEXT("Not Allowed (405)"),TEXT("Request Error"),TEXT("Server Error"),
 	TEXT("Unauthorized (401)"),TEXT("FtpCreateDir failed (550)"),TEXT("Error FTP path (550)"),TEXT("Not Modified"), 
-	TEXT("Redirection")
+	TEXT("Redirection Error"), TEXT("Relative Redirection Error")
 };
 
 HINSTANCE g_hInstance;
@@ -241,7 +246,7 @@ TCHAR fn[MAX_PATH]=TEXT(""),
 szCancel[64]=TEXT(""),
 szCaption[128]=TEXT(""),
 szUserAgent[256]=TEXT(""),
-szResume[256] = TEXT("Your internet connection seems to be not permitted or dropped out!\nPlease reconnect and click Retry to resume installation.");
+szResume[256] = TEXT("Your internet connection seems to be unavailable!\nPlease reconnect and click Retry to resume.");
 COLORREF textColor = 0, 
 bgColor = 0;
 bool textColorSet = false, 
@@ -259,7 +264,7 @@ fs = 0,
 timeout = 0,
 receivetimeout = 0;
 DWORD startTime, transfStart, openType;
-bool silent, popup, modernPopup, resume, nocancel, noproxy, nocookies, convToStack, g_ignorecertissues;
+bool silent, popup, modernPopup, resume, nocancel, noproxy, nocookies, convToStack, g_ignorecertissues, nossl;
 
 HWND childwnd;
 HWND hDlg;
@@ -450,9 +455,9 @@ void fileTransfer(HANDLE localFile,
 *****************************************************/
 int mySendRequest(HINTERNET hFile)
 {
-	INTERNET_BUFFERS BufferIn = {0};
 	if(fput)
 	{
+		INTERNET_BUFFERS BufferIn = {0};
 		BufferIn.dwStructSize = sizeof( INTERNET_BUFFERS );
 		BufferIn.dwBufferTotal = fs;
 		return HttpSendRequestEx( hFile, &BufferIn, NULL, HSR_INITIATE, 0);
@@ -490,6 +495,51 @@ bool queryStatus(HINTERNET hFile)
 			status = ERR_NOTALLOWED;
 		else if(lstrcmp(buf, TEXT("304")) == 0)
 			status = ERR_NOTMODIFIED;
+		else if(
+			lstrcmp(buf, TEXT("301")) == 0 ||
+			lstrcmp(buf, TEXT("302")) == 0 ||
+			lstrcmp(buf, TEXT("307")) == 0 ||
+			lstrcmp(buf, TEXT("308")) == 0
+		) {
+			TCHAR *location = (TCHAR*)LocalAlloc(LPTR, (INTERNET_MAX_URL_LENGTH + 1) * sizeof(TCHAR));
+			if(HttpQueryInfo(hFile, HTTP_QUERY_LOCATION, location, &(rslt = sizeof(TCHAR) * INTERNET_MAX_URL_LENGTH), NULL))
+			{
+				if (_tcsstr(location, TEXT(":")) == NULL)
+				{
+					// Relative URL
+					TCHAR *p = (TCHAR*)LocalAlloc(LPTR, (INTERNET_MAX_URL_LENGTH + 1) * sizeof(TCHAR));
+					DWORD len;
+					lstrcpy(p, location);
+					if (UrlCombine(url, p, location, &(len = sizeof(TCHAR) * INTERNET_MAX_URL_LENGTH), 0) != S_OK)
+					{
+						status = ERR_REL_REDIRECTION;
+						wsprintf(szStatus[status] + lstrlen(szStatus[status]), TEXT(" (%s)"), buf);
+						LocalFree(p);
+						LocalFree(location);
+						return true;
+					}
+					LocalFree(p);
+				}
+				if (nossl && _tcsstr(location, TEXT("https:")) == location) {
+					// Replace https: with http:
+					TCHAR *p = (TCHAR*)LocalAlloc(LPTR, (INTERNET_MAX_URL_LENGTH + 1) * sizeof(TCHAR));
+					lstrcpy(p, TEXT("http:"));
+					lstrcat(p, &location[6]);
+					lstrcpy(location, p);
+					LocalFree(p);
+				}
+				LocalFree(url);
+				url = location;
+				status = ST_REDIRECT;
+				return false;
+			}
+			else
+			{
+				status = ERR_REDIRECTION;
+				wsprintf(szStatus[status] + lstrlen(szStatus[status]), TEXT(" (%s)"), buf);
+			}
+			LocalFree(location);
+		}
 		else if(*buf == TEXT('3'))
 		{
 			status = ERR_REDIRECTION;
@@ -734,8 +784,8 @@ HINTERNET openHttpFile(HINTERNET hConn, INTERNET_SCHEME nScheme, TCHAR *path)
 // request itself
 	if(status == ST_URLOPEN)
 	{
-		DWORD secflags = nScheme == INTERNET_SCHEME_HTTPS ? MY_HTTPS_FLAGS : 0;
-		if (Option_IgnoreCertIssues()) secflags |= MY_WEAKSECURITY_CERT_FLAGS;
+		DWORD secflags = nossl ? INTERNET_FLAG_NO_AUTO_REDIRECT : nScheme == INTERNET_SCHEME_HTTPS ? MY_HTTPS_FLAGS : 0;
+		if (!nossl && Option_IgnoreCertIssues()) secflags |= MY_WEAKSECURITY_CERT_FLAGS;
 		DWORD cokflags = nocookies ? (INTERNET_FLAG_NO_CACHE_WRITE | INTERNET_FLAG_NO_COOKIES) : 0;
 		if((hFile = HttpOpenRequest(hConn, fput ? TEXT("PUT") : (fhead ? TEXT("HEAD") : (szPost ? TEXT("POST") : NULL)),
 			path, NULL, NULL, NULL,
@@ -857,14 +907,14 @@ DWORD __stdcall inetTransfer(void *hw)
 	DWORD lastCnt, rslt, err;
 	static TCHAR hdr[2048];
 	TCHAR *host = (TCHAR*)LocalAlloc(LPTR, g_stringsize * sizeof(TCHAR)),
-		*path = (TCHAR*)LocalAlloc(LPTR, g_stringsize * sizeof(TCHAR)),
+		*path = (TCHAR*)LocalAlloc(LPTR, INTERNET_MAX_URL_LENGTH * sizeof(TCHAR)),
 		*params = (TCHAR*)LocalAlloc(LPTR, g_stringsize * sizeof(TCHAR)),
 		*user = (TCHAR*)LocalAlloc(LPTR, g_stringsize * sizeof(TCHAR)),
 		*passwd = (TCHAR*)LocalAlloc(LPTR, g_stringsize * sizeof(TCHAR));
 
 	URL_COMPONENTS uc = {sizeof(URL_COMPONENTS), NULL, 0,
 		(INTERNET_SCHEME)0, host, g_stringsize, 0 , user, g_stringsize,
-		passwd, g_stringsize, path, g_stringsize, params, g_stringsize};
+		passwd, g_stringsize, path, INTERNET_MAX_URL_LENGTH, params, g_stringsize};
 
 	if((hSes = InternetOpen(szUserAgent, openType, szProxy, NULL, 0)) != NULL)
 	{
@@ -894,17 +944,19 @@ DWORD __stdcall inetTransfer(void *hw)
 			//         sf(hDlg);
 			if(popstring(fn) != 0 || lstrcmpi(url, TEXT("/end")) == 0) break;
 			status = ST_CONNECTING;
-			cnt = fs = *host = *user = *passwd = *path = *params = 0;
+			cnt = fs = 0;
 			PostMessage(hDlg, WM_TIMER, 1, 0); // show url & fn, do it sync
 			if(szToStack || (localFile = CreateFile(fn, fput ? GENERIC_READ : GENERIC_WRITE, FILE_SHARE_READ,
 				NULL, fput ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL)) != INVALID_HANDLE_VALUE)
 			{
-				uc.dwHostNameLength = uc.dwUserNameLength = uc.dwPasswordLength =
-					uc.dwUrlPathLength = uc.dwExtraInfoLength = g_stringsize;
 				if(fput)
 				{
 					fs = GetFileSize(localFile, NULL);
 				}
+crackURL:
+				*host = *user = *passwd = *path = *params = 0;
+				uc.dwHostNameLength = uc.dwUserNameLength = uc.dwPasswordLength = uc.dwExtraInfoLength = g_stringsize;
+				uc.dwUrlPathLength = INTERNET_MAX_URL_LENGTH;
 				if(InternetCrackUrl(url, 0, 0/*ICU_ESCAPE*/ , &uc))
 				{
 					// auth headers for HTTP PUT seems to be lost, preparing encoded login:password
@@ -943,6 +995,10 @@ DWORD __stdcall inetTransfer(void *hw)
 								InternetCloseHandle(hFile);
 								hFile = NULL;
 							}
+							if(status == ST_REDIRECT)
+							{
+								goto crackURL;
+							}
 							if(hFile != NULL)
 							{
 								if(fhead)
@@ -1533,6 +1589,8 @@ void __declspec(dllexport) __cdecl get(HWND hwndParent,
 			silent = true;
 		else if(lstrcmpi(url, TEXT("/weaksecurity")) == 0)
 			g_ignorecertissues = true;
+		else if(lstrcmpi(url, TEXT("/nossl")) == 0)
+			nossl = true;
 		else if(lstrcmpi(url, TEXT("/caption")) == 0)
 			popstring(szCaption);
 		else if(lstrcmpi(url, TEXT("/username")) == 0)

Contrib/Inetc/inetc.rc

@@ -186,8 +186,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 1,0,5,4
- PRODUCTVERSION 1,0,5,4
+ FILEVERSION 1,0,5,5
+ PRODUCTVERSION 1,0,5,5
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -203,12 +203,12 @@ BEGIN
         BLOCK "040904b0"
         BEGIN
             VALUE "FileDescription", "inetc NSIS plug-in"
-            VALUE "FileVersion", "1.0.5.4"
+            VALUE "FileVersion", "1.0.5.5"
             VALUE "InternalName", "inetc.dll"
             VALUE "LegalCopyright", "Copyright � Takhir Bedertdinov"
             VALUE "OriginalFilename", "inetc.dll"
             VALUE "ProductName", "inetc NSIS plug-in"
-            VALUE "ProductVersion", "1.0.5.4"
+            VALUE "ProductVersion", "1.0.5.5"
         END
     END
     BLOCK "VarFileInfo"

Contrib/Inetc/inetc.sln

@@ -1,7 +1,7 @@
 
 Microsoft Visual Studio Solution File, Format Version 11.00
 # Visual Studio 2010
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "inetc", "inetc.vcxproj", "{6B2D8C40-38A9-457A-9FA6-BED0108CAC37}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "INetC", "inetc.vcxproj", "{6B2D8C40-38A9-457A-9FA6-BED0108CAC37}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

Contrib/Inetc/inetc.vcxproj

@@ -190,7 +190,7 @@
     <Link>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <LinkDLL>true</LinkDLL>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <EntryPointSymbol>DllMain</EntryPointSymbol>
       <IgnoreSpecificDefaultLibraries>libc.lib</IgnoreSpecificDefaultLibraries>
@@ -225,7 +225,7 @@
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <LinkDLL>true</LinkDLL>
       <IgnoreAllDefaultLibraries>true</IgnoreAllDefaultLibraries>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <IgnoreSpecificDefaultLibraries>libc.lib</IgnoreSpecificDefaultLibraries>
       <EntryPointSymbol>DllMain</EntryPointSymbol>
@@ -262,7 +262,7 @@
       <LinkDLL>true</LinkDLL>
       <GenerateDebugInformation>true</GenerateDebugInformation>
       <ImportLibrary>.\Debug_Unicode\inetc.lib</ImportLibrary>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <OutputFile>$(OutDir)$(ProjectName)$(TargetExt)</OutputFile>
     </Link>
@@ -296,7 +296,7 @@
       <LinkDLL>true</LinkDLL>
       <GenerateDebugInformation>true</GenerateDebugInformation>
       <ImportLibrary>.\Debug_Unicode\inetc.lib</ImportLibrary>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <OutputFile>$(OutDir)$(ProjectName)$(TargetExt)</OutputFile>
     </Link>
@@ -330,7 +330,7 @@
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <LinkDLL>true</LinkDLL>
       <GenerateDebugInformation>true</GenerateDebugInformation>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <OutputFile>$(OutDir)$(ProjectName)$(TargetExt)</OutputFile>
     </Link>
@@ -363,7 +363,7 @@
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <LinkDLL>true</LinkDLL>
       <GenerateDebugInformation>true</GenerateDebugInformation>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <OutputFile>$(OutDir)$(ProjectName)$(TargetExt)</OutputFile>
     </Link>
@@ -395,7 +395,7 @@
     <Link>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <LinkDLL>true</LinkDLL>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <IgnoreAllDefaultLibraries>true</IgnoreAllDefaultLibraries>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <EntryPointSymbol>DllMain</EntryPointSymbol>
@@ -429,7 +429,7 @@
     <Link>
       <SuppressStartupBanner>true</SuppressStartupBanner>
       <LinkDLL>true</LinkDLL>
-      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>wininet.lib;comctl32.lib;odbc32.lib;odbccp32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
       <IgnoreAllDefaultLibraries>true</IgnoreAllDefaultLibraries>
       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
       <IgnoreSpecificDefaultLibraries>libc.lib</IgnoreSpecificDefaultLibraries>

README.md

@@ -11,9 +11,10 @@ committed the downloaded source files. These changes would otherwise have been s
 I couldn't find an explicit license for [INetC plug-in][1], which means that this is licensed implicitly with the `zLib License`
 according to the [NSIS license][3].
 
-The changes in this version is that a fourth download dialog has been created (`/MODERNPOPUP`). I found the
-existing `/POPUP` dialog to be visually outdated and with a strange organization of the download information.
-No functionality related to the download itself has been changed.
+Changes in this fork are:
+* **1.0.5.3** - Added options `/TEXTCOLOR "RRGGBB"` and `/BGCOLOR "RRGGBB"`
+* **1.0.5.4** - Created a 4th download dialog `/MODERNPOPUP`
+* **1.0.5.5** - Created option `/NOSSL` which prevents redirects from HTTP to HTTPS
 
 Nadahar