diff options
| author | Glenn Glazer <coyot@lindenlab.com> | 2017-03-31 12:38:37 -0700 |
|---|---|---|
| committer | Glenn Glazer <coyot@lindenlab.com> | 2017-03-31 12:38:37 -0700 |
| commit | 97c43e6397299620bd3018ae3221ec468cce7962 (patch) | |
| tree | 1cd7ffd6c62ff6af782a674bf1b28d90aa63209f /indra | |
| parent | 8adca0e9f920c7232c5f29df43210a09e4d7da97 (diff) | |
SL-321: sign *before* nsis grabs the EXEs
Diffstat (limited to 'indra')
| -rwxr-xr-x | indra/newview/viewer_manifest.py | 45 |
1 files changed, 25 insertions, 20 deletions
diff --git a/indra/newview/viewer_manifest.py b/indra/newview/viewer_manifest.py index 770567f13d..81711c717e 100755 --- a/indra/newview/viewer_manifest.py +++ b/indra/newview/viewer_manifest.py @@ -699,6 +699,29 @@ class WindowsManifest(ViewerManifest): "%%ENGAGEREGISTRY%%":engage_registry, "%%DELETE_FILES%%":self.nsi_file_commands(False)}) + # If we're on a build machine, sign the code using our Authenticode certificate. JC + # note that the enclosing setup exe is signed later, after the makensis makes it. + sign_py = os.path.expandvars("${SIGN}") + if not sign_py or sign_py == "${SIGN}": + sign_py = 'C:\\buildscripts\\code-signing\\sign.py' + else: + sign_py = sign_py.replace('\\', '\\\\\\\\') + python = os.path.expandvars("${PYTHON}") + if not python or python == "${PYTHON}": + python = 'python' + if os.path.exists(sign_py): + #Unlike the viewer binary, the VMP filenames are invariant with respect to version, os, etc. + print "about to run signing of: ", self.dst_path_of("apply_update.exe").replace('\\', '\\\\\\\\') + self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("apply_update.exe").replace('\\', '\\\\\\\\'))) + print "about to run signing of: ", self.dst_path_of("download_update.exe").replace('\\', '\\\\\\\\') + self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("download_update.exe").replace('\\', '\\\\\\\\'))) + print "about to run signing of: ", self.dst_path_of("SL_Launcher.exe").replace('\\', '\\\\\\\\') + self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("SL_Launcher.exe").replace('\\', '\\\\\\\\'))) + print "about to run signing of: ", self.dst_path_of("update_manager.exe").replace('\\', '\\\\\\\\') + self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("update_manager.exe").replace('\\', '\\\\\\\\'))) + else: + print "Skipping code signing of vmp executables,", sign_py, "does not exist" + # We use the Unicode version of NSIS, available from # http://www.scratchpaper.com/ # Check two paths, one for Program Files, and one for Program Files (x86). @@ -722,30 +745,12 @@ class WindowsManifest(ViewerManifest): else: print >> sys.stderr, "Maximum nsis attempts exceeded; giving up" raise - # self.remove(self.dst_path_of(tempfile)) - # If we're on a build machine, sign the code using our Authenticode certificate. JC - sign_py = os.path.expandvars("${SIGN}") - if not sign_py or sign_py == "${SIGN}": - sign_py = 'C:\\buildscripts\\code-signing\\sign.py' - else: - sign_py = sign_py.replace('\\', '\\\\\\\\') - python = os.path.expandvars("${PYTHON}") - if not python or python == "${PYTHON}": - python = 'python' + if os.path.exists(sign_py): print "about to run signing of: ", self.dst_path_of(installer_file).replace('\\', '\\\\\\\\') self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of(installer_file).replace('\\', '\\\\\\\\'))) - #Unlike the viewer binary, the VMP filenames are invariant with respect to version, os, etc. - print "about to run signing of: ", self.dst_path_of("apply_update.exe").replace('\\', '\\\\\\\\') - self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("apply_update.exe").replace('\\', '\\\\\\\\'))) - print "about to run signing of: ", self.dst_path_of("download_update.exe").replace('\\', '\\\\\\\\') - self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("download_update.exe").replace('\\', '\\\\\\\\'))) - print "about to run signing of: ", self.dst_path_of("SL_Launcher.exe").replace('\\', '\\\\\\\\') - self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("SL_Launcher.exe").replace('\\', '\\\\\\\\'))) - print "about to run signing of: ", self.dst_path_of("update_manager.exe").replace('\\', '\\\\\\\\') - self.run_command("%s %s %s" % (python, sign_py, self.dst_path_of("update_manager.exe").replace('\\', '\\\\\\\\'))) else: - print "Skipping code signing,", sign_py, "does not exist" + print "Skipping code signing of setup executable,", sign_py, "does not exist" self.created_path(self.dst_path_of(installer_file)) self.package_file = installer_file |