Remote Secure Installer: Difference between revisions

From NSIS Wiki
Jump to navigationJump to search
No edit summary
(wikified)
Line 3: Line 3:
The source code is here: http://forums.winamp.com/showthread.php?s=&threadid=308388
The source code is here: http://forums.winamp.com/showthread.php?s=&threadid=308388


<pre>
=Readme=
Readme:


Remote installer components:
==Remote installer components==
----------------------------


installer: installs the two components in their place
installer: installs the two components in their place
Line 14: Line 12:


What it does:
What it does:
1. updater has a configuration file installer.ini which lives in the same directory
#updater has a configuration file installer.ini which lives in the same directory
- it holds section "Download locations"
#*it holds section "Download locations"
- there up to 50 url links (http, ftp (not tested) and file:///)
#*there up to 50 url links (http, ftp (not tested) and file:///)
- file:/// can be relative or absolute path
#*file:/// can be relative or absolute path
- e.g. file:///components.txt.asc
#*e.g. file:///components.txt.asc
#updater consults installer.ini
#*downloads the "manifest" from the first valid url into a temporary location
#*it should be signed with a private key of a TRUSTED_SIGNATORY (see source)
#*the downloaded file is verified, if the signature is not recognized, downloader tries next url(s)
#*if no valid manifest is downloaded, program aborts
#the downloaded manifest contains "changesets" in the ini structure
#*name of the section is the name of the feature
#*eg. [001 - Silent changes]
#*it is a good idea to put numbers, sections are sorted alphabetically
#*each section should contain: url, md5, args, onfailure keys
#**url: where to download the new/changed feature
#**md5: checksum of the downloaded file
#**args: instructions how to execute the downloaded file, in case of 7z, it is a directory where it will be unpacked
#*onfailure: continue|stop|retry
#updater first sorts sections alphabetically and starts from the first
#*if already installed (it will be skipped)
#**records of the installed features are kept in a separate ini: updated.ini
#*if not installed:
#**url is downloaded into temporary location
#**downloaded file is checked against the md5 checksum
#**if the file has .gpg suffix, it is decrypted
#**e.g. "program.exe.gpg" will become "program.exe"
#**decryption uses gpg and a private key of the program
#**package should be encrypted for ID of the installer
#**installer also checks if the file was encrypted by TRUSTED_SIGNATORY
#**"args" are expanded (ie. args=%(DOWNLOADED_FILE)s /S becomes "some_path\ns6984.exe /S")
#**file is in a temporary location is executed (based on the suffix)
#**exe files: run using ExecTimeout
#**7z files: output dir is set to the path in "args" and run Extract
#**more actions could be added later
#**if everything goes fine, package name is added into the updated.ini
#**ID = date (eg. 001 - Silent changes=07.07.2009 22:41:28)
#*if anything went wrong:
#**package installation is ended
#**no records is written in the updated.ini
#**based on the onfailure value, installation stops or continuew with a next package
#**it is up to you to solve the failure states


2. updater consults installer.ini
==How to make a distribution==
- downloads the "manifest" from the first valid url into a temporary location
- it should be signed with a private key of a TRUSTED_SIGNATORY (see source)
- the downloaded file is verified, if the signature is not recognized, downloader tries next url(s)
- if no valid manifest is downloaded, program aborts


3. the downloaded manifest contains "changesets" in the ini structure
#prepare a manifest:
- name of the section is the name of the feature
#*e.g. .\tests\components.0.01.txt
- eg. [001 - Silent changes]
#sign the manifest with gpg
- it is a good idea to put numbers, sections are sorted alphabetically
#*e.g. .\gpg\gpg.exe --homedir .\gpg_local_side --clearsign .\tests\components.0.01.txt
- each section should contain: url, md5, args, onfailure keys
#check the updater.ini file
- url: where to download the new/changed feature
#*it must contain valid future URL locations of the manifest
- md5: checksum of the downloaded file
#check the installer.ini file
- args: instructions how to execute the downloaded file, in case of 7z, it is a directory where it will be unpacked
#*it must have a valid args in the section [Checker]
- onfailure: continue|stop|retry
#*this tells installer what to put in the Run section of the registry
4. updater first sorts sections alphabetically and starts from the first
#*and also how to start checker after the installation
- if already installed (it will be skipped)
#compile the scripts, in this order:
- records of the installed features are kept in a separate ini: updated.ini
##checker.nsi --> semanchk.exe
- if not installed:
##updater.nsi --> updater.win32.0.01.exe
- url is downloaded into temporary location
##installer.nsi --> installer.win32.0.01.exe
- downloaded file is checked against the md5 checksum
- if the file has .gpg suffix, it is decrypted
- e.g. "program.exe.gpg" will become "program.exe"
- decryption uses gpg and a private key of the program
- package should be encrypted for ID of the installer
- installer also checks if the file was encrypted by TRUSTED_SIGNATORY
- "args" are expanded (ie. args=%(DOWNLOADED_FILE)s /S becomes "some_path\ns6984.exe /S")
- file is in a temporary location is executed (based on the suffix)
- exe files: run using ExecTimeout
- 7z files: output dir is set to the path in "args" and run Extract
- more actions could be added later
- if everything goes fine, package name is added into the updated.ini
- ID = date (eg. 001 - Silent changes=07.07.2009 22:41:28)
- if anything went wrong:
- package installation is ended
- no records is written in the updated.ini
- based on the onfailure value, installation stops or continuew with a next package
- it is up to you to solve the failure states




How to make a distribution:
==To encrypt a file==
---------------------------


1. prepare a manifest:
*you have to encrypt and sign it
- e.g. .\tests\components.0.01.txt
*the SIGNATORY must be known to the updater
2. sign the manifest with gpg
*see updater.nsi, search for TRUSTED_SIGNATORY
- e.g. .\gpg\gpg.exe --homedir .\gpg_local_side --clearsign .\tests\components.0.01.txt
*the file must be addressed to the updater
3. check the updater.ini file
*you must have the public key of the recipient in the keyring
- it must contain valid future URL locations of the manifest
4. check the installer.ini file
- it must have a valid args in the section [Checker]
- this tells installer what to put in the Run section of the registry
- and also how to start checker after the installation
5. compile the scripts, in this order:
a) checker.nsi --> semanchk.exe
b) updater.nsi --> updater.win32.0.01.exe
c) installer.nsi --> installer.win32.0.01.exe


 
===example===
To encrypt a file:
.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe
------------------
- you have to encrypt and sign it
- the SIGNATORY must be known to the updater
- see updater.nsi, search for TRUSTED_SIGNATORY
- the file must be addressed to the updater
- you must have the public key of the recipient in the keyring
 
example:
.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe
</pre>

Revision as of 13:25, 25 July 2009

This is an automatic, remote installer. It downloads packages from some locations, verifies and installs them.

The source code is here: http://forums.winamp.com/showthread.php?s=&threadid=308388

Readme

Remote installer components

installer: installs the two components in their place checker: runs in the background, periodically starts updater as a background process updater: when started, checks urls as given in the updater.ini file

What it does:

  1. updater has a configuration file installer.ini which lives in the same directory
    • it holds section "Download locations"
    • there up to 50 url links (http, ftp (not tested) and file:///)
    • file:/// can be relative or absolute path
    • e.g. file:///components.txt.asc
  2. updater consults installer.ini
    • downloads the "manifest" from the first valid url into a temporary location
    • it should be signed with a private key of a TRUSTED_SIGNATORY (see source)
    • the downloaded file is verified, if the signature is not recognized, downloader tries next url(s)
    • if no valid manifest is downloaded, program aborts
  3. the downloaded manifest contains "changesets" in the ini structure
    • name of the section is the name of the feature
    • eg. [001 - Silent changes]
    • it is a good idea to put numbers, sections are sorted alphabetically
    • each section should contain: url, md5, args, onfailure keys
      • url: where to download the new/changed feature
      • md5: checksum of the downloaded file
      • args: instructions how to execute the downloaded file, in case of 7z, it is a directory where it will be unpacked
    • onfailure: continue|stop|retry
  4. updater first sorts sections alphabetically and starts from the first
    • if already installed (it will be skipped)
      • records of the installed features are kept in a separate ini: updated.ini
    • if not installed:
      • url is downloaded into temporary location
      • downloaded file is checked against the md5 checksum
      • if the file has .gpg suffix, it is decrypted
      • e.g. "program.exe.gpg" will become "program.exe"
      • decryption uses gpg and a private key of the program
      • package should be encrypted for ID of the installer
      • installer also checks if the file was encrypted by TRUSTED_SIGNATORY
      • "args" are expanded (ie. args=%(DOWNLOADED_FILE)s /S becomes "some_path\ns6984.exe /S")
      • file is in a temporary location is executed (based on the suffix)
      • exe files: run using ExecTimeout
      • 7z files: output dir is set to the path in "args" and run Extract
      • more actions could be added later
      • if everything goes fine, package name is added into the updated.ini
      • ID = date (eg. 001 - Silent changes=07.07.2009 22:41:28)
    • if anything went wrong:
      • package installation is ended
      • no records is written in the updated.ini
      • based on the onfailure value, installation stops or continuew with a next package
      • it is up to you to solve the failure states

How to make a distribution

  1. prepare a manifest:
    • e.g. .\tests\components.0.01.txt
  2. sign the manifest with gpg
    • e.g. .\gpg\gpg.exe --homedir .\gpg_local_side --clearsign .\tests\components.0.01.txt
  3. check the updater.ini file
    • it must contain valid future URL locations of the manifest
  4. check the installer.ini file
    • it must have a valid args in the section [Checker]
    • this tells installer what to put in the Run section of the registry
    • and also how to start checker after the installation
  5. compile the scripts, in this order:
    1. checker.nsi --> semanchk.exe
    2. updater.nsi --> updater.win32.0.01.exe
    3. installer.nsi --> installer.win32.0.01.exe


To encrypt a file

  • you have to encrypt and sign it
  • the SIGNATORY must be known to the updater
  • see updater.nsi, search for TRUSTED_SIGNATORY
  • the file must be addressed to the updater
  • you must have the public key of the recipient in the keyring

example

.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe
Retrieved from "https://nsis.sourceforge.io/mediawiki/index.php?title=Remote_Secure_Installer&oldid=17448"