Remote Secure Installer: Difference between revisions

From NSIS Wiki
Jump to navigationJump to search
(Automatic installer for remote packages)
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
This is an automatic, remote installer. It downloads packages from some locations, verifies and install them.  
This is an automatic, remote installer. It downloads packages from some locations, verifies and installs them.  


<pre>
The source code is here:
Readme:
*<attach>Auto remote installer.zip</attach>
*http://forums.winamp.com/showthread.php?s=&threadid=308388
=Readme=


Remote installer components:
==Remote installer components==
----------------------------


installer: installs the two components in their place
*installer: installs the two components in their place.
checker: runs in the background, periodically starts updater as a background process
*updater: when started, checks urls as given in the updater.ini file.
updater: when started, checks urls as given in the updater.ini file
*checker: runs in the background, periodically starts updater as a background process.


What it does:
What it does:
1. updater has a configuration file installer.ini which lives in the same directory
#updater has a configuration file installer.ini which lives in the same directory
- it holds section "Download locations"
#*it holds section "Download locations"
- there up to 50 url links (http, ftp (not tested) and file:///)
#*there up to 50 url links (http, ftp (not tested) and file:///)
- file:/// can be relative or absolute path
#*file:/// can be relative or absolute path
- e.g. file:///components.txt.asc
#*e.g. file:///components.txt.asc
#updater consults installer.ini
#*downloads the "manifest" from the first valid url into a temporary location
#*it should be signed with a private key of a TRUSTED_SIGNATORY (see source)
#*the downloaded file is verified, if the signature is not recognized, downloader tries next url(s)
#*if no valid manifest is downloaded, program aborts
#the downloaded manifest contains "changesets" in the ini structure
#*name of the section is the name of the feature
#*eg. [001 - Silent changes]
#*it is a good idea to put numbers, sections are sorted alphabetically
#*each section should contain: url, md5, args, onfailure keys
#**url: where to download the new/changed feature
#**md5: checksum of the downloaded file
#**args: instructions how to execute the downloaded file, in case of 7z, it is a directory where it will be unpacked
#*onfailure: continue|stop|retry
#updater first sorts sections alphabetically and starts from the first
#*if already installed (it will be skipped)
#**records of the installed features are kept in a separate ini: updated.ini
#*if not installed:
#**url is downloaded into temporary location
#**downloaded file is checked against the md5 checksum
#**if the file has .gpg suffix, it is decrypted
#**e.g. "program.exe.gpg" will become "program.exe"
#**decryption uses gpg and a private key of the program
#**package should be encrypted for ID of the installer
#**installer also checks if the file was encrypted by TRUSTED_SIGNATORY
#**"args" are expanded (ie. args=%(DOWNLOADED_FILE)s /S becomes "some_path\ns6984.exe /S")
#**file is in a temporary location is executed (based on the suffix)
#**exe files: run using ExecTimeout
#**7z files: output dir is set to the path in "args" and run Extract
#**more actions could be added later
#**if everything goes fine, package name is added into the updated.ini
#**ID = date (eg. 001 - Silent changes=07.07.2009 22:41:28)
#*if anything went wrong:
#**package installation is ended
#**no records is written in the updated.ini
#**based on the onfailure value, installation stops or continuew with a next package
#**it is up to you to solve the failure states


2. updater consults installer.ini
==How to make a distribution==
- downloads the "manifest" from the first valid url into a temporary location
- it should be signed with a private key of a TRUSTED_SIGNATORY (see source)
- the downloaded file is verified, if the signature is not recognized, downloader tries next url(s)
- if no valid manifest is downloaded, program aborts


3. the downloaded manifest contains "changesets" in the ini structure
#prepare a manifest:
- name of the section is the name of the feature
#*e.g. .\tests\components.0.01.txt
- eg. [001 - Silent changes]
#sign the manifest with gpg
- it is a good idea to put numbers, sections are sorted alphabetically
#*e.g. .\gpg\gpg.exe --homedir .\gpg_local_side --clearsign .\tests\components.0.01.txt
- each section should contain: url, md5, args, onfailure keys
#check the updater.ini file
- url: where to download the new/changed feature
#*it must contain valid future URL locations of the manifest
- md5: checksum of the downloaded file
#check the installer.ini file
- args: instructions how to execute the downloaded file, in case of 7z, it is a directory where it will be unpacked
#*it must have a valid args in the section [Checker]
- onfailure: continue|stop|retry
#*this tells installer what to put in the Run section of the registry
4. updater first sorts sections alphabetically and starts from the first
#*and also how to start checker after the installation
- if already installed (it will be skipped)
#compile the scripts, in this order:
- records of the installed features are kept in a separate ini: updated.ini
##checker.nsi --> semanchk.exe
- if not installed:
##updater.nsi --> updater.win32.0.01.exe
- url is downloaded into temporary location
##installer.nsi --> installer.win32.0.01.exe
- downloaded file is checked against the md5 checksum
- if the file has .gpg suffix, it is decrypted
- e.g. "program.exe.gpg" will become "program.exe"
- decryption uses gpg and a private key of the program
- package should be encrypted for ID of the installer
- installer also checks if the file was encrypted by TRUSTED_SIGNATORY
- "args" are expanded (ie. args=%(DOWNLOADED_FILE)s /S becomes "some_path\ns6984.exe /S")
- file is in a temporary location is executed (based on the suffix)
- exe files: run using ExecTimeout
- 7z files: output dir is set to the path in "args" and run Extract
- more actions could be added later
- if everything goes fine, package name is added into the updated.ini
- ID = date (eg. 001 - Silent changes=07.07.2009 22:41:28)
- if anything went wrong:
- package installation is ended
- no records is written in the updated.ini
- based on the onfailure value, installation stops or continuew with a next package
- it is up to you to solve the failure states




How to make a distribution:
==To encrypt a file==
---------------------------


1. prepare a manifest:
*you have to encrypt and sign it
- e.g. .\tests\components.0.01.txt
*the SIGNATORY must be known to the updater
2. sign the manifest with gpg
*see updater.nsi, search for TRUSTED_SIGNATORY
- e.g. .\gpg\gpg.exe --homedir .\gpg_local_side --clearsign .\tests\components.0.01.txt
*the file must be addressed to the updater
3. check the updater.ini file
*you must have the public key of the recipient in the keyring
- it must contain valid future URL locations of the manifest
4. check the installer.ini file
- it must have a valid args in the section [Checker]
- this tells installer what to put in the Run section of the registry
- and also how to start checker after the installation
5. compile the scripts, in this order:
a) checker.nsi --> semanchk.exe
b) updater.nsi --> updater.win32.0.01.exe
c) installer.nsi --> installer.win32.0.01.exe


===example===
.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe


To encrypt a file:
[[Category:Real World Installers]]
------------------
- you have to encrypt and sign it
- the SIGNATORY must be known to the updater
- see updater.nsi, search for TRUSTED_SIGNATORY
- the file must be addressed to the updater
- you must have the public key of the recipient in the keyring
 
example:
.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe
</pre>

Latest revision as of 09:21, 11 March 2010

This is an automatic, remote installer. It downloads packages from some locations, verifies and installs them.

The source code is here:

Readme

Remote installer components

  • installer: installs the two components in their place.
  • updater: when started, checks urls as given in the updater.ini file.
  • checker: runs in the background, periodically starts updater as a background process.

What it does:

  1. updater has a configuration file installer.ini which lives in the same directory
    • it holds section "Download locations"
    • there up to 50 url links (http, ftp (not tested) and file:///)
    • file:/// can be relative or absolute path
    • e.g. file:///components.txt.asc
  2. updater consults installer.ini
    • downloads the "manifest" from the first valid url into a temporary location
    • it should be signed with a private key of a TRUSTED_SIGNATORY (see source)
    • the downloaded file is verified, if the signature is not recognized, downloader tries next url(s)
    • if no valid manifest is downloaded, program aborts
  3. the downloaded manifest contains "changesets" in the ini structure
    • name of the section is the name of the feature
    • eg. [001 - Silent changes]
    • it is a good idea to put numbers, sections are sorted alphabetically
    • each section should contain: url, md5, args, onfailure keys
      • url: where to download the new/changed feature
      • md5: checksum of the downloaded file
      • args: instructions how to execute the downloaded file, in case of 7z, it is a directory where it will be unpacked
    • onfailure: continue|stop|retry
  4. updater first sorts sections alphabetically and starts from the first
    • if already installed (it will be skipped)
      • records of the installed features are kept in a separate ini: updated.ini
    • if not installed:
      • url is downloaded into temporary location
      • downloaded file is checked against the md5 checksum
      • if the file has .gpg suffix, it is decrypted
      • e.g. "program.exe.gpg" will become "program.exe"
      • decryption uses gpg and a private key of the program
      • package should be encrypted for ID of the installer
      • installer also checks if the file was encrypted by TRUSTED_SIGNATORY
      • "args" are expanded (ie. args=%(DOWNLOADED_FILE)s /S becomes "some_path\ns6984.exe /S")
      • file is in a temporary location is executed (based on the suffix)
      • exe files: run using ExecTimeout
      • 7z files: output dir is set to the path in "args" and run Extract
      • more actions could be added later
      • if everything goes fine, package name is added into the updated.ini
      • ID = date (eg. 001 - Silent changes=07.07.2009 22:41:28)
    • if anything went wrong:
      • package installation is ended
      • no records is written in the updated.ini
      • based on the onfailure value, installation stops or continuew with a next package
      • it is up to you to solve the failure states

How to make a distribution

  1. prepare a manifest:
    • e.g. .\tests\components.0.01.txt
  2. sign the manifest with gpg
    • e.g. .\gpg\gpg.exe --homedir .\gpg_local_side --clearsign .\tests\components.0.01.txt
  3. check the updater.ini file
    • it must contain valid future URL locations of the manifest
  4. check the installer.ini file
    • it must have a valid args in the section [Checker]
    • this tells installer what to put in the Run section of the registry
    • and also how to start checker after the installation
  5. compile the scripts, in this order:
    1. checker.nsi --> semanchk.exe
    2. updater.nsi --> updater.win32.0.01.exe
    3. installer.nsi --> installer.win32.0.01.exe


To encrypt a file

  • you have to encrypt and sign it
  • the SIGNATORY must be known to the updater
  • see updater.nsi, search for TRUSTED_SIGNATORY
  • the file must be addressed to the updater
  • you must have the public key of the recipient in the keyring

example

.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe
Retrieved from "https://nsis.sourceforge.io/mediawiki/index.php?title=Remote_Secure_Installer&oldid=18231"