Winetricks / winetricks

Winetricks is an easy way to work around problems in Wine
GNU Lesser General Public License v2.1

Are verbs allowed to download files with SHA256 sums provided from a developer's website? #2232

Closed WheezyE closed 1 month ago

WheezyE commented 1 month ago

Hi there,

I would like to add a verb to winetricks for a radio modem called VARA, but the developer updates it a lot and future versions break compatibility with older versions. The developer does not provide an auto-update feature within VARA, so I cannot have winetricks just install an old version and have it auto-update.

I would like to write a winetricks verb that retrieves an SHA256 hash from the developer's website (haven't figured out how to do that POSIXly yet) and then uses that hash to download from a static location (for example, something like: https://downloads.winlink.org/VARA%20Products/VARA%20HF%20setup%20latest.zip - I'll talk to the website admins about adding a static link).

Does that sound feasible at all?

austin987 commented 1 month ago

> Hi there,
>
> I would like to add a verb to winetricks for a radio modem called VARA, but the developer updates it a lot and future versions break compatibility with older versions. The developer does not provide an auto-update feature within VARA, so I cannot have winetricks just install an old version and have it auto-update.

You could point to an archive.org snapshot instead, but that has its own issues (it often is under heavy load and sometimes fails).

> I would like to write a winetricks verb that retrieves an SHA256 hash from the developer's website (haven't figured out how to do that POSIXly yet) and then uses that hash to download from a static location (for example, something like: https://downloads.winlink.org/VARA%20Products/VARA%20HF%20setup%20latest.zip - I'll talk to the website admins about adding a static link).
>
> Does that sound feasible at all?

Not really, as that defeats the purpose of recording the known checksum (if an attacker controls the domain you're downloading from, they also control the checksum, so they can change both). The checksum is optional, so you could just skip it.
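To make the point in the reply above concrete, here is an added POSIX sh example written for this page (it is not winetricks code and does not use `w_download`). It compares a checksum pinned in the script itself, the way a verb records one at review time, with a checksum read from a `.sha256` file served next to the download, which is the scheme the issue proposes. The file names, the `setup.zip.sha256` layout and the "installer" contents are constructed for the demo.

```shell
#!/bin/sh
# Added example for this page, not winetricks code. It shows why a checksum
# pinned in the verb (recorded by the author at review time) detects a swapped
# download, while a .sha256 fetched from the same origin as the file does not.
# All file names and the "<file>.sha256" layout are assumptions for the demo.

# Print the SHA-256 hex digest of a file. sha256sum exists on GNU/Linux,
# shasum on macOS/BSD; fail loudly if neither is present.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | cut -d' ' -f1
    else
        echo "sha256_of: no SHA-256 tool found" >&2
        return 2
    fi
}

# verify_pinned FILE EXPECTED_SHA256
# EXPECTED_SHA256 is a literal recorded in the script, so an attacker who
# controls the download server cannot change it. 0 = match, 1 = mismatch.
verify_pinned() {
    file=$1
    expected=$2
    actual=$(sha256_of "$file") || return 2
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "checksum mismatch for $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# served_sum_check FILE SUMFILE
# The scheme proposed in the issue: read the expected digest from a .sha256
# file served next to the download. It only proves the two files agree with
# each other, which they will whenever both came from the same compromised host.
served_sum_check() {
    expected=$(cut -d' ' -f1 < "$2") || return 2
    verify_pinned "$1" "$expected"
}

# Walk through both schemes against a constructed "installer" that gets
# replaced after the pinned digest was recorded. Always returns 0.
demo() {
    dir=$(mktemp -d)
    printf 'genuine installer bytes\n' > "$dir/setup.zip"
    pinned=$(sha256_of "$dir/setup.zip")      # what the verb author would record

    # Attacker replaces the file and regenerates the served .sha256 beside it.
    printf 'trojaned installer bytes\n' > "$dir/setup.zip"
    sha256_of "$dir/setup.zip" > "$dir/setup.zip.sha256"

    if verify_pinned "$dir/setup.zip" "$pinned" 2>/dev/null; then
        echo "pinned checksum: PASS (unexpected)"
    else
        echo "pinned checksum: FAIL, swap detected"
    fi
    if served_sum_check "$dir/setup.zip" "$dir/setup.zip.sha256"; then
        echo "same-origin .sha256: PASS, swap not detected"
    else
        echo "same-origin .sha256: FAIL (unexpected)"
    fi
    rm -rf "$dir"
    return 0
}

demo
```

Running the script prints one line per scheme: the pinned digest rejects the replaced file, while the same-origin `.sha256` accepts it, because the attacker regenerated both. A digest fetched over a channel the attacker does not control (a signed release note, a digest checked in with the verb, or a signature verified against a key shipped with the verb) is what gives the check its value.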

WheezyE commented 1 month ago

That's a good point that the hash could be compromised if a server was compromised. I didn't know that SHA256 was optional. That's great info that I think I'll be able to leverage for one of my own projects. Thank you! I'll close this issue.