Remote Secure Installer: Difference between revisions
From NSIS Wiki
Jump to navigationJump to search
No edit summary |
No edit summary |
||
Line 84: | Line 84: | ||
===example=== | ===example=== | ||
.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe | .\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe | ||
[[Category:Real World Installers]] |
Revision as of 09:06, 26 July 2009
This is an automatic, remote installer. It downloads packages from some locations, verifies and installs them.
The source code is here:
Readme
Remote installer components
installer: installs the two components in their place checker: runs in the background, periodically starts updater as a background process updater: when started, checks urls as given in the updater.ini file
What it does:
- updater has a configuration file installer.ini which lives in the same directory
- it holds section "Download locations"
- there up to 50 url links (http, ftp (not tested) and file:///)
- file:/// can be relative or absolute path
- e.g. file:///components.txt.asc
- updater consults installer.ini
- downloads the "manifest" from the first valid url into a temporary location
- it should be signed with a private key of a TRUSTED_SIGNATORY (see source)
- the downloaded file is verified, if the signature is not recognized, downloader tries next url(s)
- if no valid manifest is downloaded, program aborts
- the downloaded manifest contains "changesets" in the ini structure
- name of the section is the name of the feature
- eg. [001 - Silent changes]
- it is a good idea to put numbers, sections are sorted alphabetically
- each section should contain: url, md5, args, onfailure keys
- url: where to download the new/changed feature
- md5: checksum of the downloaded file
- args: instructions how to execute the downloaded file, in case of 7z, it is a directory where it will be unpacked
- onfailure: continue|stop|retry
- updater first sorts sections alphabetically and starts from the first
- if already installed (it will be skipped)
- records of the installed features are kept in a separate ini: updated.ini
- if not installed:
- url is downloaded into temporary location
- downloaded file is checked against the md5 checksum
- if the file has .gpg suffix, it is decrypted
- e.g. "program.exe.gpg" will become "program.exe"
- decryption uses gpg and a private key of the program
- package should be encrypted for ID of the installer
- installer also checks if the file was encrypted by TRUSTED_SIGNATORY
- "args" are expanded (ie. args=%(DOWNLOADED_FILE)s /S becomes "some_path\ns6984.exe /S")
- file is in a temporary location is executed (based on the suffix)
- exe files: run using ExecTimeout
- 7z files: output dir is set to the path in "args" and run Extract
- more actions could be added later
- if everything goes fine, package name is added into the updated.ini
- ID = date (eg. 001 - Silent changes=07.07.2009 22:41:28)
- if anything went wrong:
- package installation is ended
- no records is written in the updated.ini
- based on the onfailure value, installation stops or continuew with a next package
- it is up to you to solve the failure states
- if already installed (it will be skipped)
How to make a distribution
- prepare a manifest:
- e.g. .\tests\components.0.01.txt
- sign the manifest with gpg
- e.g. .\gpg\gpg.exe --homedir .\gpg_local_side --clearsign .\tests\components.0.01.txt
- check the updater.ini file
- it must contain valid future URL locations of the manifest
- check the installer.ini file
- it must have a valid args in the section [Checker]
- this tells installer what to put in the Run section of the registry
- and also how to start checker after the installation
- compile the scripts, in this order:
- checker.nsi --> semanchk.exe
- updater.nsi --> updater.win32.0.01.exe
- installer.nsi --> installer.win32.0.01.exe
To encrypt a file
- you have to encrypt and sign it
- the SIGNATORY must be known to the updater
- see updater.nsi, search for TRUSTED_SIGNATORY
- the file must be addressed to the updater
- you must have the public key of the recipient in the keyring
example
.\gpg\gpg.exe --homedir .\gpg_local_side -r "John the Recipient" -se .\tests\program.exe