Martijn Laan 3 months ago
parent
commit
22fdf187fe
2 changed files with 4 additions and 2 deletions
  1. ISHelp/isetup.xml (+2 -1)
  2. whatsnew.htm (+2 -1)

+ 2 - 1
ISHelp/isetup.xml

@@ -1735,7 +1735,8 @@ Instructs Setup to proceed to comparing time stamps (last write/modified time) i
 <li><p>When used with the <tt>external</tt> flag, Setup will verify the source file during the installation process while it is being copied to the destination directory. Files are always created with temporary names (<tt>*.tmp</tt>) initially. If the verification fails, the temporary file will be deleted and a &quot;The source file is corrupted&quot; error message will be displayed to the user (with Skip, Try Again, and Cancel options) and a more detailed error is logged. If the verification succeeds, the temporary file will be renamed to the correct destination name.</p>
 <p>When a file entry with the <tt>external</tt> flag is skipped (i.e., not installed - for example because the <tt>ignoreversion</tt> flag wasn't used), the source file isn't copied anywhere, so no verification takes place.</p></li>
 </ul>
-<p>Since verification occurs while source files are being compressed/copied, and not in a separate pass, each file's contents are only read once. Thus, enabling verification has little performance impact; the only extra I/O comes from reading the tiny <tt>.issig</tt> files. This approach also ensures there is no Time-Of-Check to Time-Of-Use (TOCTOU) problem; each source file is kept open the entire time it is being compressed/copied and verified without allowing other processes write access.</p>
+<p>Since verification occurs while source files are being compressed/copied, and not in a separate pass, each file's contents are only read once. Thus, enabling verification has little performance impact; the only extra I/O comes from reading the tiny <tt>.issig</tt> files. Only archives and downloaded files are read twice.</p>
+<p>The verification process is protected against the Time-Of-Check to Time-Of-Use (TOCTOU) problem.</p>
 <p>This flag cannot be combined with the <tt>sign</tt> or <tt>signonce</tt> flags. Use <tt>signcheck</tt> instead.</p>
 </flag>
 <flag name="isreadme">
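
Review bot: The new standalone paragraph "The verification process is protected against the Time-Of-Check to Time-Of-Use (TOCTOU) problem" asserts the guarantee but drops the mechanism that the removed sentence documented (each source file kept open the entire time it is being compressed/copied and verified, without allowing other processes write access). That explanation relied on the single pass, and the paragraph above now says archives and downloaded files are read twice, so the help text should state what provides the protection between the two reads for those files; otherwise a reader cannot judge the claim. Separately, "each file's contents are only read once" is followed directly by "Only archives and downloaded files are read twice" with nothing linking the rule to its exception; something like "Except for archives and downloaded files, which are read twice, each file's contents are only read once" would read without the apparent contradiction.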

+ 2 - 1
whatsnew.htm

@@ -110,7 +110,8 @@ Name: bosskey; KeyFile: "boss.ispublickey"</pre>
     <li>Added a new <tt>issigverify</tt> flag for enforcing cryptographic signature verification of source files using a key from the <tt>[ISSigKeys]</tt> section, enhancing security during both compilation and installation.</li>
     <li>When used without the <tt>external</tt> flag, verification is performed during compilation, aborting if it fails. When used with the <tt>external</tt> flag, verification occurs during installation, ensuring the integrity of files as they are copied.</li>
     <li>Requires an <tt>.issig</tt> signature file to be present in the same directory as the source file. Signature files are human-readable files and can be created using the Inno Setup Signature Tool.</li>
-    <li>Has little performance impact since verification occurs while source files are being compressed/copied; the only extra I/O comes from reading the tiny <tt>.issig</tt> files. This approach also ensures there is no Time-Of-Check to Time-Of-Use (TOCTOU) problem.</li>
+    <li>Has little performance impact since verification occurs while source files are being compressed/copied and each file's contents are only read once; the only extra I/O comes from reading the tiny <tt>.issig</tt> files. Only archives and downloaded files are read a second time.</li>
+    <li>The verification process is protected against the Time-Of-Check to Time-Of-Use (TOCTOU) problem.</li>
     <li>Can be used to verify downloaded files, offering flexibility over SHA-256 checks as script changes aren't needed for file updates. See the updated <i>CodeDownloadFiles.iss</i> example script for an example.</li>
     <li>Added a new and optional <tt>ISSigAllowedKeys</tt> parameter to restrict which keys or groups of keys from the <tt>[ISSigKeys]</tt> section are permitted for signature verification using the <tt>issigverify</tt> flag.</li>
     <li>Note: The <tt>issigverify</tt> flag cannot be combined with the <tt>sign</tt> or <tt>signonce</tt> flags. Use <tt>signcheck</tt> instead.</li>
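
Review bot: In the first added bullet, "the only extra I/O comes from reading the tiny .issig files" no longer holds once the next sentence says archives and downloaded files are read a second time, since that second read is also extra I/O; scope the "little performance impact" claim to files that are read once, or name the exception before making it. The wording also differs from the isetup.xml change ("read a second time" here, "read twice" there), and the two should match. The new TOCTOU bullet carries no explanation or pointer to the help topic, so as a release note it would help to say briefly how the protection is achieved or where it is documented.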