
The Omaha protocol defines the interactions between a software updater (an “Omaha Client”) and a cloud update infrastructure. The cloud infrastructure contains both an update control server (an “Omaha Server”) and a collection of plain HTTP servers or CDNs (collectively, the “Download Servers”). The protocol is an application-layer protocol on top of HTTP. Omaha clients interact with the servers in a three-phase session. Each step in the session involves at least one successful HTTP transaction.

The Update Check: The client transmits what applications it has installed that may be eligible for update to the server. The server replies with whether an update is available for each application. If no updates are available, this is the end of the update session.

The Download(s): The client downloads the updates from the download servers.

The update check is an HTTP POST with a JSON data body. The integrity of the update check is protected by CUP, even in the presence of compromised TLS. The client is free to use any HTTP technology to fetch the downloads, for example using Range requests. The ping-back is an HTTP POST with a JSON data body. The response may contain a JSON data body acknowledging the received data, but should be ignored by the client unless CUP is in use on this request.

Concepts

Session ID

All requests in a session are linked by a unique session ID. Session IDs are random strings with at least 128 bits of entropy. There must be no relationship between a previous session ID and the next session ID.
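
The session ID requirements stated on this page, as an added example that is not part of the original page or of the Omaha project's code: a CSPRNG-based generator beside a constructed weak one, and an audit a server operator could run over the IDs observed from one client. Hex encoding, the function names and the quarter-of-the-bits threshold are assumptions made for this example.

```python
import secrets

MIN_BITS = 128  # minimum session ID entropy required by the text


def new_session_id() -> str:
    """Hardened form: 16 bytes from the OS CSPRNG, hex-encoded, one per session."""
    return secrets.token_hex(MIN_BITS // 8)


def weak_session_id(launch_time: int, counter: int) -> str:
    """Anti-pattern (constructed): 32 hex characters, but each ID predicts the next."""
    return f"{launch_time:016x}{counter:016x}"


def bit_distance(a: str, b: str) -> int:
    """Number of differing bits between two hex IDs."""
    return bin(int(a, 16) ^ int(b, 16)).count("1")


def audit(ids: list[str]) -> list[str]:
    """Check hex session IDs in the order a server observed them from one client."""
    findings = []
    seen = set()
    prev = None
    for sid in ids:
        bits = 4 * len(sid)  # capacity of a hex string: only an upper bound on entropy
        if bits < MIN_BITS:
            findings.append(f"{sid}: too short ({bits} bits)")
        if sid in seen:
            findings.append(f"{sid}: reused across sessions")
        # Independent random IDs differ in about half their bits; far fewer
        # differing bits means the new ID was derived from the previous one.
        elif prev is not None and len(prev) == len(sid) \
                and bit_distance(prev, sid) < bits // 4:
            findings.append(f"{sid}: related to previous ID")
        seen.add(sid)
        prev = sid
    return findings


if __name__ == "__main__":
    # Constructed sample: three sessions from a client using the weak generator.
    for line in audit([weak_session_id(1700000000, n) for n in (1, 2, 3)]):
        print(line)
    # Fresh CSPRNG IDs produce no findings.
    print(audit([new_session_id() for _ in range(3)]))
```

The weak IDs have the same length as the hardened ones, so a length check alone passes them; only the comparison between successive IDs exposes the relationship the text forbids.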
