/// <summary>
/// Called when the installer is downloaded
/// </summary>
/// <param name="sender">not used.</param>
/// <param name="e">used to determine if the download was successful.</param>
private void OnWebDownloadClientDownloadFileCompleted(object sender, AsyncCompletedEventArgs e)
{
if (e.Error != null)
{
UIFactory.ShowDownloadErrorMessage(e.Error.Message, _appCastUrl);
ProgressWindow.ForceClose();
return;
}
// test the item for DSA signature
bool isDSAOk = false;
if (!e.Cancelled && e.Error == null)
{
ReportDiagnosticMessage("Finished downloading file to: " + _downloadTempFileName);
// report
ReportDiagnosticMessage("Performing DSA check");
// get the assembly
if (File.Exists(_downloadTempFileName))
{
// check if the file was downloaded successfully
String absolutePath = Path.GetFullPath(_downloadTempFileName);
if (!File.Exists(absolutePath))
throw new FileNotFoundException();
if (UserWindow.CurrentItem.DSASignature == null)
{
isDSAOk = true;// REVIEW. The correct logic, seems to me, is that if the existing, running version of the app
//had no DSA, and the appcast didn't specify one, then it's ok that the one we've just
//downloaded doesn't either. This may be just checking that the appcast didn't specify one. Is
//that really enough? If someone can change what gets downloaded, can't they also change the appcast?
}
else
{
// get the assembly reference from which we start the update progress
// only from this trusted assembly the public key can be used
Assembly refassembly = Assembly.GetEntryAssembly();
if (refassembly != null)
{
// Check if we found the public key in our entry assembly
if (NetSparkleDSAVerificator.ExistsPublicKey("NetSparkle_DSA.pub"))
{
// check the DSA Code and modify the back color
NetSparkleDSAVerificator dsaVerifier = new NetSparkleDSAVerificator("NetSparkle_DSA.pub");
isDSAOk = dsaVerifier.VerifyDSASignature(UserWindow.CurrentItem.DSASignature, _downloadTempFileName);
}
}
}
}
}
if (EnableSilentMode)
{
OnProgressWindowInstallAndRelaunch(this, new EventArgs());
}
if (ProgressWindow != null)
{
ProgressWindow.ChangeDownloadState(isDSAOk);
}
}
/// <summary>
/// Called when the installer is downloaded
/// </summary>
/// <param name="sender">not used.</param>
/// <param name="e">used to determine if the download was successful.</param>
private void OnWebDownloadClientDownloadFileCompleted(object sender, AsyncCompletedEventArgs e)
{
if (e.Error != null)
{
UIFactory.ShowDownloadErrorMessage(e.Error.Message, _appCastUrl);
ProgressWindow.ForceClose();
return;
}
// test the item for DSA signature
bool isDSAOk = false;
if (!e.Cancelled && e.Error == null)
{
ReportDiagnosticMessage("Finished downloading file to: " + _downloadTempFileName);
// report
ReportDiagnosticMessage("Performing DSA check");
// get the assembly
if (File.Exists(_downloadTempFileName))
{
// check if the file was downloaded successfully
String absolutePath = Path.GetFullPath(_downloadTempFileName);
if (!File.Exists(absolutePath))
{
throw new FileNotFoundException();
}
if (UserWindow.CurrentItem.DSASignature == null)
{
isDSAOk = true; // REVIEW. The correct logic, seems to me, is that if the existing, running version of the app
//had no DSA, and the appcast didn't specify one, then it's ok that the one we've just
//downloaded doesn't either. This may be just checking that the appcast didn't specify one. Is
//that really enough? If someone can change what gets downloaded, can't they also change the appcast?
}
else
{
// get the assembly reference from which we start the update progress
// only from this trusted assembly the public key can be used
Assembly refassembly = Assembly.GetEntryAssembly();
if (refassembly != null)
{
// Check if we found the public key in our entry assembly
if (NetSparkleDSAVerificator.ExistsPublicKey("NetSparkle_DSA.pub"))
{
// check the DSA Code and modify the back color
NetSparkleDSAVerificator dsaVerifier = new NetSparkleDSAVerificator("NetSparkle_DSA.pub");
isDSAOk = dsaVerifier.VerifyDSASignature(UserWindow.CurrentItem.DSASignature, _downloadTempFileName);
}
}
}
}
}
if (EnableSilentMode)
{
OnProgressWindowInstallAndRelaunch(this, new EventArgs());
}
if (ProgressWindow != null)
{
ProgressWindow.ChangeDownloadState(isDSAOk);
}
}
/// <summary>
/// ctor which needs the appcast url and a referenceassembly
/// </summary>
/// <param name="appcastUrl">the URL for the appcast file</param>
/// <param name="applicationIcon">If you're invoking this from a form, this would be this.Icon</param>
/// <param name="referenceAssembly">the name of the assembly to use for comparison</param>
/// <param name="factory">UI factory to use</param>
public Sparkle(String appcastUrl, Icon applicationIcon, SecurityMode securityMode, String dsaPublicKey, String referenceAssembly, INetSparkleUIFactory factory)
{
_applicationIcon = applicationIcon;
ExtraJsonData = "";
PrintDiagnosticToConsole = false;
UIFactory = factory;
// DSA Verificator
DSAVerificator = new NetSparkleDSAVerificator(securityMode, dsaPublicKey);
// Syncronisation Context
_syncContext = SynchronizationContext.Current;
if (_syncContext == null)
{
_syncContext = new SynchronizationContext();
}
// preconfige ssl trust
TrustEverySSLConnection = false;
// configure ssl cert link
ServicePointManager.ServerCertificateValidationCallback += RemoteCertificateValidation;
// init UI
UIFactory.Init();
_appReferenceAssembly = null;
// set the reference assembly
if (referenceAssembly != null)
{
_appReferenceAssembly = referenceAssembly;
Debug.WriteLine("Checking the following file: " + _appReferenceAssembly);
}
// TODO: change BackgroundWorker to Task
// adjust the delegates
_taskWorker = new Task(() =>
{
OnWorkerDoWork(null, null);
});
_cancelTokenSource = new CancellationTokenSource();
_cancelToken = _cancelTokenSource.Token;
/*_worker = new BackgroundWorker {WorkerReportsProgress = true};
_worker.DoWork += OnWorkerDoWork;
_worker.ProgressChanged += OnWorkerProgressChanged;*/
// build the wait handle
_exitHandle = new EventWaitHandle(false, EventResetMode.AutoReset);
_loopingHandle = new EventWaitHandle(false, EventResetMode.ManualReset);
// set the url
_appCastUrl = appcastUrl;
Debug.WriteLine("Using the following url: " + _appCastUrl);
RunningFromWPF = false;
}
