The four virus definition files mpas-feX64.exe, mpas-fe.exe, mpam-fex64.exe, and mpam-fe.exe seem to be a major problem. I have a quite stable connection, and I can see the outdoor DSLAM of the Deutsche Telekom right from my window. This is a grey box, as shown in
https://de.wikipedia.org/wiki/DSLAM , and it is only 20 meters away.
Still, I already got four damaged files, all of them virus definition files. The other downloads are never damaged.
The problem is, that these files may be changing on the server, while wget is retrieving them. This will interrupt the download, but wget will just try again and continue the download. wget keeps the already downloaded parts and writes to the same file, until the download is complete. But if the file contents change between these tries, the saved file will be damaged.
I am now testing a new approach to download these files:
- wget is used with the option --tries=1. It only gets one try for each download.
- Then the script must do the error handling itself: It must distinguish between transient errors and major errors like "connection refused" or "file not found".
- After transient errors, the download is started again up to ten times, with a delay ranging from 10 seconds to 90 seconds.
This is similar to what wget can do itself, but the difference is, that wget can not just continue the download, but has to start from nothing on each try. As a result, wget should finally download one complete, undamaged file.
As a simple Linux script, this approach looks like:
- Code: Select all
#!/bin/bash
# Filename: get-virus-definitions.sh
#
# A simple script to download the four virus definition files
# mpas-feX64.exe, mpas-fe.exe, mpam-fex64.exe, and mpam-fe.exe, using
# a new, robust download method.
#
# Run the script from wsusoffline/sh or another directory at the same
# level, because the script expects to find the static directory at
# "../static".
global_download_dir=~/tmp/wsusoffline
download_logfile=~/tmp/wsusoffline/download.log
debug=1
function download_with_wget {
if [ $# -ne 2 ]; then
echo "function download_with_wget: Wrong number of arguments."
fi
local download_dir="$1"
local download_link="$2"
local max_tries=10
local default_wait_time=10
if [ $debug -eq 0 ]; then
local wget_verbosity="--no-verbose"
local wget_throttling=""
else
local wget_verbosity="--verbose --progress=dot:mega"
local wget_throttling="--limit-rate=20k"
fi
mkdir -p "${download_dir}"
for ((i=1 ; i<=${max_tries} ; i++)); do
wget --tries=1 --timeout=300 \
--timestamping --unlink \
${wget_verbosity} ${wget_throttling} \
--append-output="${download_logfile}" \
--directory-prefix="${download_dir}" \
"${download_link}"
last_return_code=$?
case ${last_return_code} in
0)
break
;;
1)
echo "Transient error: Generic error while retrieving ${download_link}." >> "${download_logfile}"
;;
2)
echo "Unrecoverable error: Parse error while retrieving ${download_link}." >> "${download_logfile}"
break
;;
3)
echo "Transient error: File I/O error while retrieving ${download_link}." >> "${download_logfile}"
;;
4)
echo "Transient error: Network failure while retrieving ${download_link}." >> "${download_logfile}"
;;
5)
echo "Unrecoverable error: SSL verification failure while retrieving ${download_link}." >> "${download_logfile}"
break
;;
6)
echo "Unrecoverable error: Username/password authentication failure while retrieving ${download_link}." >> "${download_logfile}"
break
;;
7)
echo "Unrecoverable error: Protocol error while retrieving ${download_link}." >> "${download_logfile}"
break
;;
8)
echo "Unrecoverable error: Server error while retrieving ${download_link}." >> "${download_logfile}"
break
;;
*)
echo "Unknown condition." >> "${download_logfile}"
break
;;
esac
# Sleep from 10 seconds to 90 seconds between tries
if [ ${i} -lt ${max_tries} ]; then
let wait_time=${i}*${default_wait_time}
echo "Retrying in ${wait_time} seconds..." >> "${download_logfile}"
sleep ${wait_time}
wget_throttling=""
fi
done
}
grep --no-filename "mpa[ms]-fe" ../static/StaticDownloadLink-wddefs-*-glb.txt ../static/StaticDownloadLinks-msse-*-glb.txt | while read global_download_link; do
download_with_wget ${global_download_dir} ${global_download_link}
sleep 10s
done
The download log after running this script looks like:
- Code: Select all
--2015-04-18 17:56:52-- http://download.microsoft.com/download/DefinitionUpdates/mpas-fe.exe
Auflösen des Hostnamen »download.microsoft.com (download.microsoft.com)«... 80.157.151.10, 80.157.151.9, 80.157.151.17, ...
Verbindungsaufbau zu download.microsoft.com (download.microsoft.com)|80.157.151.10|:80... verbunden.
HTTP-Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 32642840 (31M) [application/octet-stream]
Größen stimmen nicht überein (lokal 16777216) -- erneuter Download.
--2015-04-18 17:56:52-- http://download.microsoft.com/download/DefinitionUpdates/mpas-fe.exe
Wiederverwendung der bestehenden Verbindung zu download.microsoft.com:80.
HTTP-Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 32642840 (31M) [application/octet-stream]
In »»/home/anwender/tmp/wsusoffline/mpas-fe.exe«« speichern.
0K ........ ........ ........ ........ ........ ........ 9% 20,0K 24m3s
3072K ........ ........ ........ ........ ........ ........ 19% 20,0K 21m28s
6144K ........ ........ ........ ........ ........ ........ 28% 20,0K 18m54s
9216K ........ ........ ........ ........ ........ ........ 38% 20,0K 16m20s
12288K ........ ........ ........ ........ ........ ........ 48% 20,0K 13m46s
15360K ........ ........ ........ ........ ........ ........ 57% 20,0K 11m12s
18432K ........ ........ ........ ........ ........ ........ 67% 20,0K 8m39s
21504K ........ ........ ........ ........ ........ ........ 77% 20,0K 6m5s
24576K ........ ........ ........ ........ ........ ........ 86% 20,0K 3m32s
27648K .. 87% 20,8K=23m9s
2015-04-18 18:20:01 (20,0 KB/s) - Verbindung bei Byte 28445501 geschlossen. Aufgegeben.
Transient error: Network failure while retrieving http://download.microsoft.com/download/DefinitionUpdates/mpas-fe.exe.
Retrying in 10 seconds...
--2015-04-18 18:20:12-- http://download.microsoft.com/download/DefinitionUpdates/mpas-fe.exe
Auflösen des Hostnamen »download.microsoft.com (download.microsoft.com)«... 80.157.151.10, 80.157.151.17, 2003:8:0:27::509d:970a, ...
Verbindungsaufbau zu download.microsoft.com (download.microsoft.com)|80.157.151.10|:80... verbunden.
HTTP-Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 32642840 (31M) [application/octet-stream]
Größen stimmen nicht überein (lokal 28445501) -- erneuter Download.
--2015-04-18 18:20:12-- http://download.microsoft.com/download/DefinitionUpdates/mpas-fe.exe
Wiederverwendung der bestehenden Verbindung zu download.microsoft.com:80.
HTTP-Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 32644888 (31M) [application/octet-stream]
In »»/home/anwender/tmp/wsusoffline/mpas-fe.exe«« speichern.
0K ........ ........ ........ ........ ........ ........ 9% 694K 42s
3072K ........ ........ ........ ........ ........ ........ 19% 688K 37s
6144K ........ ........ ........ ........ ........ ........ 28% 688K 33s
9216K ........ ........ ........ ........ ........ ........ 38% 686K 28s
12288K ........ ........ ........ ........ ........ ........ 48% 688K 24s
15360K ........ ........ ........ ........ ........ ........ 57% 687K 20s
18432K ........ ........ ........ ........ ........ ........ 67% 689K 15s
21504K ........ ........ ........ ........ ........ ........ 77% 689K 11s
24576K ........ ........ ........ ........ ........ ........ 86% 689K 6s
27648K ........ ........ ........ ........ ........ ........ 96% 689K 2s
30720K ........ ........ .. 100% 689K=46s
2015-04-18 18:20:58 (689 KB/s) - »»/home/anwender/tmp/wsusoffline/mpas-fe.exe«« gespeichert [32644888/32644888]
Note, that the download rate is deliberately limited on the first try, to actually provoke a download error.
The saved file after restarting the download is okay:
- Code: Select all
$ wine ../bin/sigcheck.exe ~/tmp/wsusoffline/mpas-fe.exe
Sigcheck v2.1 - File version and signature viewer
Copyright (C) 2004-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
Z:\home\anwender\tmp\wsusoffline\mpas-fe.exe:
Verified: Signed
Signing date: 14:48 18.04.2015
Publisher: Microsoft Corporation
Description: AntiMalware Definition Update
Product: Microsoft Malware Protection
Prod version: 1.195.3711.0
File version: 1.195.3711.0
MachineType: 32-bit
Greetings,
Hartmut