diff options
author | Andras Timar <andras.timar@collabora.com> | 2013-09-17 23:02:40 -0700 |
---|---|---|
committer | Andras Timar <andras.timar@collabora.com> | 2013-09-17 23:02:40 -0700 |
commit | d0872a737ee315d18ad04723d5bc0ab619559e1f (patch) | |
tree | 7eecdab4fb7eb3d7b0d6945ab169a4683df481d4 | |
parent | 12ff414554a75c03130bdcc911157f2e89b77f2e (diff) |
Enable code signing on Windows
Change-Id: I5538c56498e926504a0c2d217d0c69b94b1b1551
-rw-r--r-- | distro-configs/CPWin32.conf | 1 | ||||
-rw-r--r-- | postprocess/signing/signing.pl | 27 | ||||
-rw-r--r-- | solenv/bin/modules/installer.pm | 49 |
3 files changed, 63 insertions, 14 deletions
diff --git a/distro-configs/CPWin32.conf b/distro-configs/CPWin32.conf index a2a6ea8aaa0d..12f4cc855602 100644 --- a/distro-configs/CPWin32.conf +++ b/distro-configs/CPWin32.conf @@ -33,3 +33,4 @@ --enable-win-mozab-driver --disable-build-mozab --with-lang=af ar bn ca cs da de el en-GB en-US en-ZA es fi fr gu he hi hu it ja ko mr nb nl nn pl pt-BR pt ru sk sl sv ta tr xh zh-CN zh-TW zu +--enable-windows-build-signing diff --git a/postprocess/signing/signing.pl b/postprocess/signing/signing.pl index b937f0e634bb..fc17092594d5 100644 --- a/postprocess/signing/signing.pl +++ b/postprocess/signing/signing.pl @@ -147,9 +147,9 @@ sub sign_files #09.07.2007 10:36 } $signtool .= " -v" if ($opt_verbose); $commandline_base = $signtool; - $commandline_base .= " -f $opt_pfxfile" if ($opt_pfxfile != ""); - $commandline_base .= " -p $opt_pass" if ($opt_pass != ""); - $commandline_base .= " -t $opt_timestamp_url" if ($opt_timestamp_url != ""); + $commandline_base .= " -f $opt_pfxfile" if ($opt_pfxfile ne ""); + $commandline_base .= " -p $opt_pass" if ($opt_pass ne ""); + $commandline_base .= " -t $opt_timestamp_url" if ($opt_timestamp_url ne ""); # Here switch between: # one command line for muliple files (all doesn't work, too much) / for each file one command line @@ -208,17 +208,16 @@ sub execute #11.07.2007 10:02 { my $commandline = shift; my $result = ""; - - print "$commandline\n" if ($debug); - open(PIPE, "$commandline 2>&1 |") || die "Error: Cant open pipe!\n"; - while ( $result = <PIPE> ) { - print LOG "$result" if ($opt_log); # logging - if ( $result =~ /SignTool Error\:/ ) { - close PIPE; - print_error( "$result\n" ); - } # if error - } # while - close PIPE; + my $errorlines = ""; + + print "$commandline\n" if ($debug); + open(PIPE, "$commandline 2>&1 |") || die "Error: Cannot execute '$commandline' - $!\n"; + while ( $result = <PIPE> ) { + print LOG "$result" if ($opt_log); + $errorlines .= $result if ($result =~ /SignTool Error\:/); + } # while + close PIPE; + print_error( "$errorlines\n" ) if ($errorlines); } ##execute ############################################################################ diff --git a/solenv/bin/modules/installer.pm b/solenv/bin/modules/installer.pm index 84959b07800f..a1229273bc89 100644 --- a/solenv/bin/modules/installer.pm +++ b/solenv/bin/modules/installer.pm @@ -1720,6 +1720,31 @@ sub run { # Path of new installation set: $finalinstalldir # Path of old installation set: $installer::globals::updatedatabasepath my $mspdir = installer::windows::msp::create_msp_patch($finalinstalldir, $includepatharrayref, $allvariableshashref, $languagestringref, $languagesarrayref, $filesinproductlanguageresolvedarrayref); + if ( defined($ENV{'WINDOWS_BUILD_SIGNING'}) && ($ENV{'WINDOWS_BUILD_SIGNING'} eq 'TRUE') ) + { + my $systemcall = "signtool.exe sign "; + if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; } + if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; } + if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; } + $systemcall .= $mspdir . "/*.msp"; + installer::logger::print_message( "... $systemcall ...\n" ); + + my $returnvalue = system($systemcall); + + my $infoline = "Systemcall: $systemcall\n"; + push( @installer::globals::logfileinfo, $infoline); + + if ($returnvalue) + { + $infoline = "ERROR: Could not execute \"$systemcall\"!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + else + { + $infoline = "Success: Executed \"$systemcall\" successfully!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + } ($is_success, $finalinstalldir) = installer::worker::analyze_and_save_logfile($loggingdir, $mspdir, $installlogdir, $allsettingsarrayref, $languagestringref, $current_install_number); installer::worker::clean_output_tree(); # removing directories created in the output tree } @@ -1741,7 +1766,31 @@ sub run { if ( $allvariableshashref->{'OOODOWNLOADNAME'} ) { $$downloadname = installer::download::set_download_filename($languagestringref, $allvariableshashref); } else { $$downloadname = installer::download::resolve_variables_in_downloadname($allvariableshashref, $$downloadname, $languagestringref); } installer::systemactions::rename_one_file( $finalinstalldir . $installer::globals::separator . $installer::globals::shortmsidatabasename, $finalinstalldir . $installer::globals::separator . $$downloadname . ".msi" ); + if ( defined($ENV{'WINDOWS_BUILD_SIGNING'}) && ($ENV{'WINDOWS_BUILD_SIGNING'} eq 'TRUE') ) + { + my $systemcall = "signtool.exe sign "; + if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; } + if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; } + if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; } + $systemcall .= $finalinstalldir . $installer::globals::separator . $$downloadname . ".msi"; + installer::logger::print_message( "... $systemcall ...\n" ); + + my $returnvalue = system($systemcall); + my $infoline = "Systemcall: $systemcall\n"; + push( @installer::globals::logfileinfo, $infoline); + + if ($returnvalue) + { + $infoline = "ERROR: Could not execute \"$systemcall\"!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + else + { + $infoline = "Success: Executed \"$systemcall\" successfully!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + } } if (( $is_success ) && ( $create_download ) && ( $ENV{'ENABLE_DOWNLOADSETS'} )) { |