Fixing the updater: Difference between revisions
Jump to navigation
Jump to search
Content deleted Content added
imported>Hendrik Brummermann |
imported>Hendrik Brummermann No edit summary |
||
| (19 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== Current issues == |
|||
* can be broken by third parties, if they provide signed jars but don't change the game name |
|||
== Now == |
|||
* does not allow updates of the updater |
|||
* can break if jar files are missing in the update change (e. g. stendhal-0.90.jar with only stendhal-diff-0.92-0.93.jar) because of NullPointerExceptions on missing resources |
|||
* requires new complete download on signature expire |
|||
* version number in start is missleading |
|||
== Approaches == |
|||
* use load-0.86 so that old .jar files are ignored. |
|||
* sign new webstart starter with new cert |
|||
* create release for 0.86.1 with new cert |
|||
* only use 0.86.1 for webstart |
|||
* Have only a very small signed package that requests the webstart permissions. |
|||
== Live == |
|||
* do the update and startup handling in another, updatable package |
|||
* use own signing of .jar files with a certificate that does not expire in a year. |
|||
* update webstart starter |
|||
* verify signature before adding a .jar to the classpath to prevent third parties from breaking the update |
|||
* update-0.86.properties |
|||
* if a resource does not exist, don't return null but throw a LinkageException |
|||
* provide 0.86.1 files with new cert in updater location. |
|||
== Later == |
|||
* provide 0.86.1 download signed with new key |
|||
== 0.87 == |
|||
* make sure that games.stendhal.client.update is not included in the diff files for the old updater |
|||
* make sure that META-INF |
|||
* provide two update diffs (one with the old cert and one with the new cert) |
|||
* update.properties pointing to the ones with the old cert |
|||
* update-0.86.properties pointing to the ones with the new cert |
|||