[Libreoffice-commits] core.git: Branch 'libreoffice-4-1' - solenv/bin

Andras Timar andras.timar at collabora.com
Tue Oct 8 05:58:27 PDT 2013


 solenv/bin/modules/installer.pm             |   30 +++-------------------------
 solenv/bin/modules/installer/windows/msp.pm |   30 ++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 26 deletions(-)

New commits:
commit 4854217ab86c3b5f47412ecdb9dd609192c4fe13
Author: Andras Timar <andras.timar at collabora.com>
Date:   Sun Sep 29 09:39:22 2013 -0700

    I forgot to add -d swith to signtool
    
    The UAC prompt shows a temporary random Program Name for msi, if the
    -d switch is not given.
    
    One more change: probably it is not wise to print the password of
    code signing key in clear text to log and to screen.
    
    Change-Id: I1f555754eee19708bbd7a3c70280fe662c77fc3a
    Reviewed-on: https://gerrit.libreoffice.org/6081
    Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice at googlemail.com>
    Tested-by: Christian Lohmaier <lohmaier+LibreOffice at googlemail.com>

diff --git a/solenv/bin/modules/installer.pm b/solenv/bin/modules/installer.pm
index a5a6a01..ead0f3c 100644
--- a/solenv/bin/modules/installer.pm
+++ b/solenv/bin/modules/installer.pm
@@ -1648,31 +1648,6 @@ sub run {
                 # Path of new installation set: $finalinstalldir
                 # Path of old installation set: $installer::globals::updatedatabasepath
                 my $mspdir = installer::windows::msp::create_msp_patch($finalinstalldir, $includepatharrayref, $allvariableshashref, $languagestringref, $languagesarrayref, $filesinproductlanguageresolvedarrayref);
-                if ( defined($ENV{'WINDOWS_BUILD_SIGNING'}) && ($ENV{'WINDOWS_BUILD_SIGNING'} eq 'TRUE') )
-                {
-                    my $systemcall = "signtool.exe sign ";
-                    if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; }
-                    if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; }
-                    if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; }
-                    $systemcall .= $mspdir . "/*.msp";
-                    installer::logger::print_message( "... $systemcall ...\n" );
-
-                    my $returnvalue = system($systemcall);
-
-                    my $infoline = "Systemcall: $systemcall\n";
-                    push( @installer::globals::logfileinfo, $infoline);
-
-                    if ($returnvalue)
-                    {
-                        $infoline = "ERROR: Could not execute \"$systemcall\"!\n";
-                        push( @installer::globals::logfileinfo, $infoline);
-                    }
-                    else
-                    {
-                        $infoline = "Success: Executed \"$systemcall\" successfully!\n";
-                        push( @installer::globals::logfileinfo, $infoline);
-                    }
-                }
                 ($is_success, $finalinstalldir) = installer::worker::analyze_and_save_logfile($loggingdir, $mspdir, $installlogdir, $allsettingsarrayref, $languagestringref, $current_install_number);
                 installer::worker::clean_output_tree(); # removing directories created in the output tree
             }
@@ -1699,11 +1674,14 @@ sub run {
                     if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; }
                     if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; }
                     if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; }
+                    $systemcall .= "-d \"" . installer::download::get_downloadname_productname($allvariableshashref) . " " . installer::download::get_download_version($allvariableshashref) . " " . installer::download::get_downloadname_language($languagestringref) . " " . installer::download::get_download_functionality($allvariableshashref) . "\" ";
                     $systemcall .= $finalinstalldir . $installer::globals::separator . $$downloadname . ".msi";
-                    installer::logger::print_message( "... $systemcall ...\n" );
+                    installer::logger::print_message( "... code signing and timestamping with signtool.exe ...\n" );
 
                     my $returnvalue = system($systemcall);
 
+                    # do not print password to log
+                    if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall =~ s/$ENV{'PFXPASSWORD'}/********/; }
                     my $infoline = "Systemcall: $systemcall\n";
                     push( @installer::globals::logfileinfo, $infoline);
 
diff --git a/solenv/bin/modules/installer/windows/msp.pm b/solenv/bin/modules/installer/windows/msp.pm
index 9892c7d..7c7fcb9 100644
--- a/solenv/bin/modules/installer/windows/msp.pm
+++ b/solenv/bin/modules/installer/windows/msp.pm
@@ -1205,6 +1205,36 @@ sub create_msp_patch
     installer::logger::include_timestamp_into_logfile("\nPerformance Info: Starting msimsp.exe");
     my $msimsplogfile = execute_msimsp($fullpcpfilename, $mspfilename, $localmspdir);
 
+    # Sign .msp file
+    if ( defined($ENV{'WINDOWS_BUILD_SIGNING'}) && ($ENV{'WINDOWS_BUILD_SIGNING'} eq 'TRUE') )
+    {
+        my $systemcall = "signtool.exe sign ";
+        if ( defined($ENV{'PFXFILE'}) ) { $systemcall .= "-f $ENV{'PFXFILE'} "; }
+        if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall .= "-p $ENV{'PFXPASSWORD'} "; }
+        if ( defined($ENV{'TIMESTAMPURL'}) ) { $systemcall .= "-t $ENV{'TIMESTAMPURL'} "; } else { $systemcall .= "-t http://timestamp.globalsign.com/scripts/timestamp.dll "; }
+        $systemcall .= "-d \"" . $allvariables->{'PRODUCTNAME'} . " " . $allvariables->{'PRODUCTVERSION'} . " Patch " . $allvariables->{'WINDOWSPATCHLEVEL'} . "\" ";
+        $systemcall .= $mspfilename;
+        installer::logger::print_message( "... code signing and timestamping with signtool.exe ...\n" );
+
+        my $returnvalue = system($systemcall);
+
+        # do not print password to log
+        if ( defined($ENV{'PFXPASSWORD'}) ) { $systemcall =~ s/$ENV{'PFXPASSWORD'}/********/; }
+        my $infoline = "Systemcall: $systemcall\n";
+        push( @installer::globals::logfileinfo, $infoline);
+
+        if ($returnvalue)
+        {
+            $infoline = "ERROR: Could not execute \"$systemcall\"!\n";
+            push( @installer::globals::logfileinfo, $infoline);
+        }
+        else
+        {
+            $infoline = "Success: Executed \"$systemcall\" successfully!\n";
+            push( @installer::globals::logfileinfo, $infoline);
+        }
+    }
+
     # Copy final installation set next to msp file
     installer::logger::include_timestamp_into_logfile("\nPerformance Info: Copying installation set");
     installer::logger::print_message( "... copying installation set ...\n" );


More information about the Libreoffice-commits mailing list