summaryrefslogtreecommitdiffstats
path: root/postprocess/signing
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 05:54:39 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 05:54:39 +0000
commit267c6f2ac71f92999e969232431ba04678e7437e (patch)
tree358c9467650e1d0a1d7227a21dac2e3d08b622b2 /postprocess/signing
parentInitial commit. (diff)
downloadlibreoffice-267c6f2ac71f92999e969232431ba04678e7437e.tar.xz
libreoffice-267c6f2ac71f92999e969232431ba04678e7437e.zip
Adding upstream version 4:24.2.0.upstream/4%24.2.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'postprocess/signing')
-rw-r--r--postprocess/signing/no_signing.txt16
-rw-r--r--postprocess/signing/signing.pl252
2 files changed, 268 insertions, 0 deletions
diff --git a/postprocess/signing/no_signing.txt b/postprocess/signing/no_signing.txt
new file mode 100644
index 0000000000..6de68e2e8c
--- /dev/null
+++ b/postprocess/signing/no_signing.txt
@@ -0,0 +1,16 @@
+cli_basetypes.dll
+cli_cppuhelper.dll
+cli_uretypes.dll
+cli_oootypes.dll
+cli_ure.dll
+policy.1.0.cli_uretypes.dll
+policy.1.0.cli_oootypes.dll
+policy.1.0.cli_ure.dll
+policy.1.0.cli_cppuhelper.dll
+policy.1.0.cli_basetypes.dll
+Windows6.1-KB2999226-x64.msu
+Windows6.1-KB2999226-x86.msu
+Windows8.1-KB2999226-x64.msu
+Windows8.1-KB2999226-x86.msu
+Windows8-RT-KB2999226-x64.msu
+Windows8-RT-KB2999226-x86.msu
diff --git a/postprocess/signing/signing.pl b/postprocess/signing/signing.pl
new file mode 100644
index 0000000000..793900ca07
--- /dev/null
+++ b/postprocess/signing/signing.pl
@@ -0,0 +1,252 @@
+:
+eval 'exec perl -wS $0 ${1+"$@"}'
+ if 0;
+#
+# This file is part of the LibreOffice project.
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# This file incorporates work covered by the following license notice:
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed
+# with this work for additional information regarding copyright
+# ownership. The ASF licenses this file to you under the Apache
+# License, Version 2.0 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.apache.org/licenses/LICENSE-2.0 .
+#
+
+use strict;
+use Getopt::Long;
+
+my $debug = 0;
+my $max_files = 400; # sign $max_files with one command line
+
+#### globals #####
+my $myname = "";
+my $opt_desc = "";
+my $opt_exclude = ""; # file with a list of not signable dll and exe files
+my $opt_verbose = 0;
+my $opt_help = 0;
+my $opt_log = ""; # for logging
+my $opt_pass = ""; # password for signing
+my $opt_pfxfile = ""; # Personal Information Exchange file
+my $opt_timestamp_url = ""; # timestamp url
+my %exclude_files = (); # list of not signable dll and exe files
+my $signtool = "signtool.exe sign";
+my @args = ();
+my @files_to_sign = ();
+
+#### main #####
+$myname = script_id();
+if ( $#ARGV < 2 ) {
+ usage();
+ exit(1);
+}
+@args = parse_options();
+get_exclude_files() if ($opt_exclude ne "");
+@files_to_sign = get_files(\@args);
+if ( $opt_log ) { # logging
+ open(LOG,">$opt_log") || die "Can't open log file $opt_log\n";
+}
+sign_files(\@files_to_sign);
+close LOG if ($opt_log); # logging
+exit 0;
+
+
+#### subroutines ####
+
+sub script_id
+{
+ ( my $script_name = $0 ) =~ s/^.*[\\\/]([\w\.]+)$/$1/;
+ return $script_name;
+}
+
+############################################################################
+sub parse_options #09.07.2007 08:13
+############################################################################
+{
+ # e exclude list file
+ # v verbose
+ my $success = GetOptions('h' => \$opt_help,
+ 'd=s' => \$opt_desc, 'e=s'=>\$opt_exclude, 'f=s'=>\$opt_pfxfile, 'l=s'=>\$opt_log,
+ 'p=s'=>\$opt_pass,'v'=>\$opt_verbose, 't=s'=>\$opt_timestamp_url);
+ if ( !$success || $opt_help ) {
+ usage();
+ exit(1);
+ }
+ return @ARGV;
+} ##parse_options
+
+############################################################################
+sub get_exclude_files #09.07.2007 10:12
+############################################################################
+{
+ if ( -e $opt_exclude ) {
+ # get data from cache file
+ open( IN, "<$opt_exclude") || die "Can't open exclude file $opt_exclude\n";
+ while ( my $line = <IN> ) {
+ chomp($line);
+ $exclude_files{$line} = 1; # fill hash
+ print "$line - $exclude_files{$line}\n" if ($debug);
+ }
+ } else
+ {
+ print_error("Can't open $opt_exclude file!\n");
+ }
+} ##get_exclude_files
+
+############################################################################
+sub get_files #10.07.2007 10:19
+############################################################################
+ {
+ use File::Basename;
+ my $target = shift;
+ my $file_pattern;
+ my $file;
+ my @files = ();
+ print "\n";
+ foreach $file_pattern ( @$target )
+ {
+ print "Files: $file_pattern\n";
+ foreach $file ( glob( $file_pattern ) )
+ {
+ my $lib = File::Basename::basename $file;
+ if ( ! $exclude_files{$lib} ) {
+ push @files,$file;
+ }
+ else
+ {
+ print "exclude=$lib\n" if ($opt_verbose);
+ }
+ }
+ }
+ print "\n";
+ return @files;
+} ##get_files
+
+############################################################################
+sub sign_files #09.07.2007 10:36
+############################################################################
+{
+ my $files_to_sign = shift;
+ my $commandline_base = ""; # contains whole stuff without the file name
+ my $file = "";
+ my $result = "";
+
+ if ( $opt_pass =~ /\.exe$/ ) {
+ # get password by tool
+ open(PIPE, "$opt_pass 2>&1 |") || die "Can't open PIPE!\n";
+ my $pass = <PIPE>;
+ close PIPE;
+ print_error("Can't get password!\n") if ( !$pass ); # exit here
+ $opt_pass = $pass;
+ }
+ $signtool .= " -v" if ($opt_verbose);
+ $commandline_base = $signtool;
+ $commandline_base .= " -fd sha256 -td sha256";
+ $commandline_base .= " -f $opt_pfxfile" if ($opt_pfxfile ne "");
+ $commandline_base .= " -p $opt_pass" if ($opt_pass ne "");
+ $commandline_base .= " -tr $opt_timestamp_url" if ($opt_timestamp_url ne "");
+ $commandline_base .= " -d \"$opt_desc\"" if ($opt_desc ne "");
+
+ # Here switch between:
+ # one command line for multiple files (all doesn't work, too much) / for each file one command line
+ if ( $max_files > 1 ) {
+ exec_multi_sign($files_to_sign, $commandline_base);
+ } else
+ {
+ exec_single_sign($files_to_sign, $commandline_base);
+ }
+} ##sign_files
+
+############################################################################
+sub exec_single_sign #11.07.2007 09:05
+############################################################################
+{
+ my $files_to_sign = shift;
+ my $commandline_base = shift; # contains whole stuff without the file name
+ my $file = "";
+ my $commandline = "";
+
+ foreach $file (@$files_to_sign)
+ {
+ $commandline = $commandline_base . " $file";
+ print "$commandline\n" if ($debug);
+ execute($commandline);
+ } #foreach
+} ##exec_single_sign
+
+############################################################################
+sub exec_multi_sign #11.07.2007 08:56
+############################################################################
+ {
+ # sign multiple file with one command line
+ my $files_to_sign = shift;
+ my $commandline_base = shift; # contains whole stuff without the file name
+ my $commandline = $commandline_base; # contains stuff which will be executed
+ my $file = "";
+ my $counter = 0;
+
+ foreach $file (@$files_to_sign)
+ {
+ $commandline .= " $file";
+ ++$counter;
+ if ( $counter >= $max_files ) {
+ execute($commandline);
+ $counter = 0; # reset counter
+ $commandline = $commandline_base; # reset command line
+ }
+ }
+ execute($commandline) if ($counter > 0);
+} ##exec_multi_sign
+
+############################################################################
+sub execute #11.07.2007 10:02
+############################################################################
+{
+ my $commandline = shift;
+ my $result = "";
+ my $errorlines = "";
+
+ print "$commandline\n" if ($debug);
+ open(PIPE, "$commandline 2>&1 |") || die "Error: Cannot execute '$commandline' - $!\n";
+ while ( $result = <PIPE> ) {
+ print LOG "$result" if ($opt_log);
+ $errorlines .= $result if ($result =~ /SignTool Error\:/);
+ } # while
+ close PIPE;
+ print_error( "$errorlines\n" ) if ($errorlines);
+} ##execute
+
+############################################################################
+sub print_error #09.07.2007 11:21
+############################################################################
+ {
+ my $text = shift;
+ print "ERROR: $text\n";
+ print LOG "ERROR: $text\n" if ($opt_log); # logging
+ close LOG if ($opt_log); # logging
+ exit(1);
+} ##print_error
+
+############################################################################
+sub usage #09.07.2007 08:39
+############################################################################
+ {
+ print "Usage:\t $myname [-e filename] [-f filename] [-p password] [-t timestamp] [-l filename] [-v] <file[list]> \n";
+ print "Options:\n";
+ print "\t -e filename\t\t\tFile which contains a list of files which don't have to be signed.\n";
+ print "\t -f pfx_filename\t\t\"Personal Information Exchange\" file.\n";
+ print "\t -p password\t\t\tPassword for \"Personal Information Exchange\" file.\n";
+ print "\t -t timestamp\t\t\tTimestamp URL e.g. \"http://timestamp.verisign.com/scripts/timstamp.dll\"\n";
+ print "\t -l log_filename\t\tFile for logging.\n";
+ print "\t -v\t\t\t\tVerbose.\n";
+} ##usage
+
+
+
+