From a9f8ebb4378978e8b7acf689533ac25aa08020d0 Mon Sep 17 00:00:00 2001 From: Bryan Roe Date: Tue, 5 Jul 2022 23:48:21 -0700 Subject: [PATCH] Updated self update documentation to point out that update server TLS certificate must match control channel server TLS certificate. --- docs/testing/SelfUpdate.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/testing/SelfUpdate.md b/docs/testing/SelfUpdate.md index 62e2785..4347d4c 100644 --- a/docs/testing/SelfUpdate.md +++ b/docs/testing/SelfUpdate.md @@ -40,6 +40,7 @@ This update mechanism starts with the server sending the Recovery Core to the ag the server will send a JSON command on the control channel with the action set to 'agentupdate', hash set to the SHA384 hash of the update, and the url set to an https url where the agent can fetch the updated agent binary. The recovery core JS, will download the update from the specified url, verifying the hash with the received hash value. During this process, the recovery core may send progress data via the control channel. Once the update has been received and verified, the agent will send a JSON command back to the server with the action field set to 'agentupdatedownloaded'. This will indicate to the server that the update has been successfully downloaded and verified. +It should be noted that the TLS certificate presented by the server hosting the agent update, must match the TLS certificate presented by the server in the Agent control channel. To perform the actual update after verifying receipt, the recovery core will utilise _wexecve() to stop the agent service, overwrite the agent binary, then restart the service. On Linux and BSD platforms, the recovery core will simply overwrite the agent binary and utilize execv() to restart the agent after closing all open descriptors.