diff --git a/install.ps1 b/install.ps1 index a4f0a5b..812ca45 100644 --- a/install.ps1 +++ b/install.ps1 @@ -1,14 +1,45 @@ param ( [string]$tag, - [string]$binDir = "." + [string]$binDir = ".", + [switch]$insecure ) $ErrorActionPreference = "Stop" $ProgressPreference = 'SilentlyContinue' +function Invoke-WebRequestInsecure { + param( + [string]$Uri, + [string]$OutFile = $null, + [string]$Method = "GET" + ) + + if ($insecure) { + # For older PowerShell versions, we need to use this callback + add-type @" + using System.Net; + using System.Security.Cryptography.X509Certificates; + public class TrustAllCertsPolicy : ICertificatePolicy { + public bool CheckValidationResult( + ServicePoint srvPoint, X509Certificate certificate, + WebRequest request, int certificateProblem) { + return true; + } + } +"@ + [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy + } + + if ($OutFile) { + Invoke-WebRequest -Uri $Uri -OutFile $OutFile -Method $Method -UseBasicParsing + } else { + Invoke-RestMethod -Uri $Uri -Method $Method -UseBasicParsing + } +} + function Get-LatestVersion { $url = "https://api.github.com/repos/orcasecurity/orca-cli/releases/latest" - $latestRelease = Invoke-RestMethod -Uri $url + $latestRelease = Invoke-WebRequestInsecure -Uri $url return $latestRelease.tag_name } @@ -16,31 +47,26 @@ function Validate-Tag { param ( [string]$tag ) - $url = "https://api.github.com/repos/orcasecurity/orca-cli/releases/tags/$tag" try { - $response = Invoke-RestMethod -Uri $url -Method Head -ErrorAction Stop + Invoke-WebRequestInsecure -Uri $url -Method "HEAD" return $true } catch { return $false } } -# Detect architecture function Get-Architecture { - # Check if the OS is 64-bit $is64bit = [Environment]::Is64BitOperatingSystem - - # Determine the processor architecture if ($is64bit) { if ([System.Environment]::GetEnvironmentVariable("PROCESSOR_ARCHITECTURE") -eq "AMD64") { - return "amd64" + return "amd64" } else { return "arm64" } } else { Write-Output "At this moment 32-bit Architecture is not supported." - exit 1 + exit 1 } } @@ -49,7 +75,6 @@ function Download-InstallOrcaCLI { [string]$tag, [string]$binDir ) - $arch = Get-Architecture $tarballUrl = "https://github.com/orcasecurity/orca-cli/releases/download/$tag/orca-cli_$($tag)_windows_$arch.zip" $checksumUrl = "https://github.com/orcasecurity/orca-cli/releases/download/$tag/orca-cli_$($tag)_checksums.txt" @@ -58,15 +83,16 @@ function Download-InstallOrcaCLI { $tempDirName = "orca-cli_temp_" + (Get-Random) $tempDir = New-Item -ItemType Directory -Path $env:TEMP -Name $tempDirName | Select-Object -ExpandProperty FullName Write-Output "Downloading files into $($tempDir)" + try { - Invoke-WebRequest -Uri $tarballUrl -OutFile "$($tempDir)\orca-cli_windows.zip" -ErrorAction Stop + Invoke-WebRequestInsecure -Uri $tarballUrl -OutFile "$($tempDir)\orca-cli_windows.zip" } catch { Write-Error "Failed to download the binary. Please check your internet connection and ensure that the version/tag is correct." return } try { - Invoke-WebRequest -Uri $checksumUrl -OutFile "$($tempDir)\orca-cli_windows_checksums.txt" -ErrorAction Stop + Invoke-WebRequestInsecure -Uri $checksumUrl -OutFile "$($tempDir)\orca-cli_windows_checksums.txt" } catch { Write-Error "Failed to download the checksum file. Please check your internet connection and ensure that the version/tag is correct." return