CMake fixes for buildbot/MSI package building and signing:

- FIND_PROGRAM (signtool) will now get a hint about location of signtool.exe (Windows SDK)
- Targets "package" or "msi" will now fail, l if signing is requested but does not work
  (e.g invalid certificate)
- During install, do not re-sign binaries, if they are already signed.
- Preserve mysqld_error.h timestamp whenever possible. This helps avoiding situations 
where the whole server is rebuilt, whenever comp_err.exe changes (for example after code 
signing, or also after a minor fix in mysys)
- Fix Wix error in UpgradeVersion, if patch part of the version is 0.

extra/CMakeLists.txt

@@ -22,19 +22,25 @@ TARGET_LINK_LIBRARIES(comp_err debug dbug mysys strings zlib wsock32)
 
 GET_TARGET_PROPERTY(COMP_ERR_EXE comp_err LOCATION)
 
-ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_BINARY_DIR}/include/mysqld_error.h
-                   COMMAND ${COMP_ERR_EXE}
-                    --charset=${PROJECT_SOURCE_DIR}/sql/share/charsets 
-                    --out-dir=${CMAKE_BINARY_DIR}/sql/share/
-                    --header_file=${CMAKE_BINARY_DIR}/include/mysqld_error.h 
-                    --name_file=${CMAKE_BINARY_DIR}/include/mysqld_ername.h
-                    --state_file=${CMAKE_BINARY_DIR}/include/sql_state.h
-                    --in_file=${PROJECT_SOURCE_DIR}/sql/share/errmsg.txt
-                   DEPENDS comp_err ${PROJECT_SOURCE_DIR}/sql/share/errmsg.txt)
+# Generate mysqld_error.h
+# Try not to change its timestamp if not necessary(as touching
+# mysqld_error.h results in rebuild of the almost whole server)
+# To preserve timestamp, first generate a temp header file, then copy it
+# to mysqld_error.h using cmake -E copy_if_different
+ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_BINARY_DIR}/include/mysqld_error.h.tmp
+   COMMAND ${COMP_ERR_EXE}
+	--charset=${PROJECT_SOURCE_DIR}/sql/share/charsets 
+	--out-dir=${CMAKE_BINARY_DIR}/sql/share/
+	--header_file=${CMAKE_BINARY_DIR}/include/mysqld_error.h.tmp 
+	--name_file=${CMAKE_BINARY_DIR}/include/mysqld_ername.h
+	--state_file=${CMAKE_BINARY_DIR}/include/sql_state.h
+	--in_file=${PROJECT_SOURCE_DIR}/sql/share/errmsg.txt
+   COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_BINARY_DIR}/include/mysqld_error.h.tmp ${CMAKE_BINARY_DIR}/include/mysqld_error.h
+   DEPENDS comp_err ${PROJECT_SOURCE_DIR}/sql/share/errmsg.txt)
 
 ADD_CUSTOM_TARGET(GenError
                   ALL
-                  DEPENDS ${CMAKE_BINARY_DIR}/include/mysqld_error.h)
+                  DEPENDS ${CMAKE_BINARY_DIR}/include/mysqld_error.h.tmp)
 
 ADD_EXECUTABLE(my_print_defaults my_print_defaults.c)
 TARGET_LINK_LIBRARIES(my_print_defaults strings mysys debug dbug taocrypt wsock32)

win/cmake/install_macros.cmake

@@ -151,29 +151,13 @@ IF(WIN32)
    SET(SIGNTOOL_PARAMETERS 
      /a /t http://timestamp.verisign.com/scripts/timstamp.dll
      CACHE STRING "parameters for signtool (list)")
-    FIND_PROGRAM(SIGNTOOL_EXECUTABLE signtool)
+    FIND_PROGRAM(SIGNTOOL_EXECUTABLE signtool 
+      PATHS "$ENV{ProgramFiles}/Microsoft SDKs/Windows/v7.0A"
+    )
     IF(NOT SIGNTOOL_EXECUTABLE)
       MESSAGE(FATAL_ERROR 
       "signtool is not found. Signing executables not possible")
     ENDIF()
-    IF(NOT DEFINED SIGNCODE_ENABLED)
-      FILE(WRITE ${CMAKE_CURRENT_BINARY_DIR}/testsign.c "int main(){return 0;}")
-      MAKE_DIRECTORY(${CMAKE_CURRENT_BINARY_DIR}/testsign)
-     TRY_COMPILE(RESULT ${CMAKE_CURRENT_BINARY_DIR}/testsign ${CMAKE_CURRENT_BINARY_DIR}/testsign.c  
-      COPY_FILE ${CMAKE_CURRENT_BINARY_DIR}/testsign.exe
-     )
-      
-     EXECUTE_PROCESS(COMMAND 
-      ${SIGNTOOL_EXECUTABLE} sign ${SIGNTOOL_PARAMETERS} ${CMAKE_CURRENT_BINARY_DIR}/testsign.exe
-      RESULT_VARIABLE ERR ERROR_QUIET OUTPUT_QUIET
-      )
-      IF(ERR EQUAL 0)
-       SET(SIGNCODE_ENABLED 1 CACHE INTERNAL "Can sign executables")
-      ELSE()
-       MESSAGE(STATUS "Disable authenticode signing for executables")
-        SET(SIGNCODE_ENABLED 0 CACHE INTERNAL "Invalid or missing certificate")
-      ENDIF()
-    ENDIF()
     MARK_AS_ADVANCED(SIGNTOOL_EXECUTABLE  SIGNTOOL_PARAMETERS)
   ENDIF()
 ENDIF()
@@ -195,11 +179,16 @@ MACRO(SIGN_TARGET)
    ENDIF()
    INSTALL(CODE
    "EXECUTE_PROCESS(COMMAND 
+   \"${SIGNTOOL_EXECUTABLE}\" verify /pa /q \"${target_location}\"
+   RESULT_VARIABLE ERR)
+   IF(NOT \${ERR} EQUAL 0)
+     EXECUTE_PROCESS(COMMAND 
      \"${SIGNTOOL_EXECUTABLE}\" sign ${SIGNTOOL_PARAMETERS} \"${target_location}\"
      RESULT_VARIABLE ERR)
-    IF(NOT \${ERR} EQUAL 0)
-      MESSAGE(FATAL_ERROR \"Error signing  ${target_location}\")
-    ENDIF()
+   ENDIF()
+   IF(NOT \${ERR} EQUAL 0)
+    MESSAGE(FATAL_ERROR \"Error signing  '${target_location}'\")
+   ENDIF()
    " ${comp})
  ENDIF()
 ENDMACRO()
@@ -229,7 +218,7 @@ FUNCTION(MYSQL_INSTALL_TARGETS)
 
   FOREACH(target ${TARGETS})
     # If signing is required, sign executables before installing
-     IF(SIGNCODE AND SIGNCODE_ENABLED)
+     IF(SIGNCODE)
       SIGN_TARGET(${target} ${COMP})
     ENDIF()
     # Install man pages on Unix

win/packaging/mysql_server.wxs.in

@@ -22,6 +22,7 @@
 
     <!-- Upgrade -->
     <Upgrade Id="@CPACK_WIX_UPGRADE_CODE@">
+      <?if "@PATCH_VERSION@" != "0"?>
       <UpgradeVersion 
         Minimum="@MAJOR_VERSION@.@MINOR_VERSION@.0"
         IncludeMinimum="yes"
@@ -29,6 +30,7 @@
         Property="OLDERVERSIONBEINGUPGRADED"
         MigrateFeatures="yes"
         />
+     <?endif?>
       <UpgradeVersion 
         Minimum="@MAJOR_VERSION@.@MINOR_VERSION@.@PATCH_VERSION@"
         Maximum="@MAJOR_VERSION@.@MINOR_VERSION@.999"