fix(download): verify etags for resumed requests

Signed-off-by: Marcel Guzik <[email protected]>

Author: Bravo555

crates/common/download/src/download.rs

@@ -5,6 +5,7 @@ use anyhow::anyhow;
 use backoff::future::retry_notify;
 use backoff::ExponentialBackoff;
 use certificate::CloudHttpConfig;
+use hyper::header;
 use log::debug;
 use log::info;
 use log::warn;
@@ -199,6 +200,12 @@ impl Downloader {
         loop {
             let offset = next_request_offset(&prev_response, file);
             let mut response = self.request_range_from(url, offset).await?;
+            // etags in current and previous request must match to resume
+            if !etags_matching(&prev_response, &response) {
+                file.seek(SeekFrom::Start(0)).unwrap();
+                prev_response = response;
+                continue;
+            }
             let offset = partial_response::response_range_start(&response)?;
 
             if offset != 0 {
@@ -211,9 +218,7 @@ impl Downloader {
                 Ok(()) => break,
 
                 Err(SaveChunksError::Network(err)) => {
-                    prev_response = response;
                     warn!("Error while downloading response: {err}.\nRetrying...");
-                    continue;
                 }
 
                 Err(SaveChunksError::Io(err)) => {
@@ -223,6 +228,7 @@ impl Downloader {
                     })
                 }
             }
+            prev_response = response;
         }
 
         Ok(())
@@ -352,6 +358,37 @@ impl Downloader {
     }
 }
 
+fn etags_matching(prev_response: &Response, response: &Response) -> bool {
+    if let Some(etag) = response
+        .headers()
+        .get(header::ETAG)
+        .and_then(|h| h.to_str().ok())
+    {
+        // TODO: handle optional backslashes
+        if etag.starts_with("W/") {
+            // validator is weak, but in range requests tags must match using strong comparison
+            // https://www.rfc-editor.org/rfc/rfc9110#section-13.1.5-12.1
+            return false;
+        }
+
+        let Some(prev_etag) = prev_response
+            .headers()
+            .get(header::ETAG)
+            .and_then(|h| h.to_str().ok())
+        else {
+            // previous request didn't have etag and this does or vice versa, abort
+            return false;
+        };
+
+        if etag != prev_etag {
+            // etags don't match, abort
+            return false;
+        }
+    }
+    // etags match
+    true
+}
+
 /// Decides whether HTTP request error is retryable.
 fn reqwest_err_to_backoff(err: reqwest::Error) -> backoff::Error<reqwest::Error> {
     if err.is_timeout() || err.is_connect() {