diff options
| author | Andras Timar <andras.timar@collabora.com> | 2013-09-29 09:39:22 -0700 |
|---|---|---|
| committer | Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> | 2013-10-08 12:58:06 +0000 |
| commit | 4854217ab86c3b5f47412ecdb9dd609192c4fe13 (patch) | |
| tree | 61fed42c3a9c7c7a91e56c722c4edf142aec18df | |
| parent | 26fcde48b6b403c896b18552343de084bc2184c3 (diff) | |
I forgot to add -d swith to signtool
The UAC prompt shows a temporary random Program Name for msi, if the
-d switch is not given.
One more change: probably it is not wise to print the password of
code signing key in clear text to log and to screen.
Change-Id: I1f555754eee19708bbd7a3c70280fe662c77fc3a
Reviewed-on: https://gerrit.libreoffice.org/6081
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
| -rw-r--r-- | solenv/bin/modules/installer.pm | 30 | ||||
| -rw-r--r-- | solenv/bin/modules/installer/windows/msp.pm | 30 |
2 files changed, 34 insertions, 26 deletions
diff --git a/solenv/bin/modules/installer.pm b/solenv/bin/modules/installer.pm index a5a6a0174970..ead0f3c4e74e 100644 --- a/solenv/bin/modules/installer.pm +++ b/solenv/bin/modules/installer.pm @@ -1648,31 +1648,6 @@ sub run { # Path of new installation set: $finalinstalldir # Path of old installation set: $installer::globals::updatedatabasepath my $mspdir = installer::windows::msp::create_msp_patch($finalinstalldir, $includepatharrayref, $allvariableshashref, $languagestringref, $languagesarrayref, $filesinproductlanguageresolvedarrayref); - if ( defined($ENV{'WINDOWS_BUILD_SIGNING'}) && ($ENV{'WINDOWS_BUILD_SIGNING'} eq 'TRUE') ) - { - my $systemcall = "signtool.exe sign "; - if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; } - if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; } - if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; } - $systemcall .= $mspdir . "/*.msp"; - installer::logger::print_message( "... $systemcall ...\n" ); - - my $returnvalue = system($systemcall); - - my $infoline = "Systemcall: $systemcall\n"; - push( @installer::globals::logfileinfo, $infoline); - - if ($returnvalue) - { - $infoline = "ERROR: Could not execute \"$systemcall\"!\n"; - push( @installer::globals::logfileinfo, $infoline); - } - else - { - $infoline = "Success: Executed \"$systemcall\" successfully!\n"; - push( @installer::globals::logfileinfo, $infoline); - } - } ($is_success, $finalinstalldir) = installer::worker::analyze_and_save_logfile($loggingdir, $mspdir, $installlogdir, $allsettingsarrayref, $languagestringref, $current_install_number); installer::worker::clean_output_tree(); # removing directories created in the output tree } @@ -1699,11 +1674,14 @@ sub run { if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; } if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; } if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; } + $systemcall .= "-d \"" . installer::download::get_downloadname_productname($allvariableshashref) . " " . installer::download::get_download_version($allvariableshashref) . " " . installer::download::get_downloadname_language($languagestringref) . " " . installer::download::get_download_functionality($allvariableshashref) . "\" "; $systemcall .= $finalinstalldir . $installer::globals::separator . $$downloadname . ".msi"; - installer::logger::print_message( "... $systemcall ...\n" ); + installer::logger::print_message( "... code signing and timestamping with signtool.exe ...\n" ); my $returnvalue = system($systemcall); + # do not print password to log + if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall =~ s/$ENV{'PFXPASSWORD'}/********/; } my $infoline = "Systemcall: $systemcall\n"; push( @installer::globals::logfileinfo, $infoline); diff --git a/solenv/bin/modules/installer/windows/msp.pm b/solenv/bin/modules/installer/windows/msp.pm index 9892c7df1b7b..7c7fcb95891c 100644 --- a/solenv/bin/modules/installer/windows/msp.pm +++ b/solenv/bin/modules/installer/windows/msp.pm @@ -1205,6 +1205,36 @@ sub create_msp_patch installer::logger::include_timestamp_into_logfile("\nPerformance Info: Starting msimsp.exe"); my $msimsplogfile = execute_msimsp($fullpcpfilename, $mspfilename, $localmspdir); + # Sign .msp file + if ( defined($ENV{'WINDOWS_BUILD_SIGNING'}) && ($ENV{'WINDOWS_BUILD_SIGNING'} eq 'TRUE') ) + { + my $systemcall = "signtool.exe sign "; + if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; } + if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; } + if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; } + $systemcall .= "-d \"" . $allvariables->{'PRODUCTNAME'} . " " . $allvariables->{'PRODUCTVERSION'} . " Patch " . $allvariables->{'WINDOWSPATCHLEVEL'} . "\" "; + $systemcall .= $mspfilename; + installer::logger::print_message( "... code signing and timestamping with signtool.exe ...\n" ); + + my $returnvalue = system($systemcall); + + # do not print password to log + if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall =~ s/$ENV{'PFXPASSWORD'}/********/; } + my $infoline = "Systemcall: $systemcall\n"; + push( @installer::globals::logfileinfo, $infoline); + + if ($returnvalue) + { + $infoline = "ERROR: Could not execute \"$systemcall\"!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + else + { + $infoline = "Success: Executed \"$systemcall\" successfully!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + } + # Copy final installation set next to msp file installer::logger::include_timestamp_into_logfile("\nPerformance Info: Copying installation set"); installer::logger::print_message( "... copying installation set ...\n" ); |