Bug#24732 Executables do not include Vista manifests
- Sign executables with MySQL AB security certificate. BitKeeper/etc/ignore: Bug#24732 Executables do not include Vista manifests - Ignore security catalog descriptions CMakeLists.txt: Bug#24732 Executables do not include Vista manifests - Search for additional tools necessary to embed, catalog and sign targets. win/README: Bug#24732 Executables do not include Vista manifests - Add internal only note to EMBED_MANIFESTS option. win/create_manifest.js: Bug#24732 Executables do not include Vista manifests - Added publicKeyToken attribute to manifest. win/mysql_manifest.cmake: Bug#24732 Executables do not include Vista manifests - Add additional commands to create security catalog and sign targets. - Add parameters to add appropiate hash attribute to manifest and create security content description of the security catalog.
This commit is contained in:
parent
1370b325c6
commit
a34879ebd2
@ -6,6 +6,7 @@
|
|||||||
*.bin
|
*.bin
|
||||||
*.vcproj.cmake
|
*.vcproj.cmake
|
||||||
cmake_install.cmake
|
cmake_install.cmake
|
||||||
|
*.cdf
|
||||||
*.core
|
*.core
|
||||||
*.d
|
*.d
|
||||||
*.da
|
*.da
|
||||||
|
@ -139,21 +139,47 @@ ENDIF(CMAKE_GENERATOR MATCHES "Visual Studio 7" OR
|
|||||||
ADD_DEFINITIONS("-D_WINDOWS -D__WIN__ -D _CRT_SECURE_NO_DEPRECATE")
|
ADD_DEFINITIONS("-D_WINDOWS -D__WIN__ -D _CRT_SECURE_NO_DEPRECATE")
|
||||||
|
|
||||||
IF(EMBED_MANIFESTS)
|
IF(EMBED_MANIFESTS)
|
||||||
# Search for the Manifest tool. CMake will first search it's defaults
|
# Search for the tools (mt, makecat, signtool) necessary for embedding
|
||||||
# (CMAKE_FRAMEWORK_PATH, CMAKE_APPBUNDLE_PATH, CMAKE_PROGRAM_PATH and
|
# manifests and signing executables with the MySQL AB authenticode cert.
|
||||||
# the system PATH) followed by the listed paths which are the current
|
#
|
||||||
# possible defaults and should be updated when necessary. The custom
|
# CMake will first search it's defaults (CMAKE_FRAMEWORK_PATH,
|
||||||
# manifests are designed to be compatible with all mt versions.
|
# CMAKE_APPBUNDLE_PATH, CMAKE_PROGRAM_PATH and the system PATH) followed
|
||||||
|
# by the listed paths which are the current possible defaults and should be
|
||||||
|
# updated when necessary.
|
||||||
|
#
|
||||||
|
# The custom manifests are designed to be compatible with all mt versions.
|
||||||
|
# The MySQL AB Authenticode certificate is available only internally.
|
||||||
|
# Others should store a single signing certificate in a local cryptographic
|
||||||
|
# service provider and alter the signtool command as necessary.
|
||||||
FIND_PROGRAM(HAVE_MANIFEST_TOOL NAMES mt
|
FIND_PROGRAM(HAVE_MANIFEST_TOOL NAMES mt
|
||||||
PATHS
|
PATHS
|
||||||
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/VC/bin"
|
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/VC/bin"
|
||||||
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/Common7/Tools/Bin"
|
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/Common7/Tools/Bin"
|
||||||
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/SDK/v2.0/Bin")
|
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/SDK/v2.0/Bin")
|
||||||
|
FIND_PROGRAM(HAVE_CATALOG_TOOL NAMES makecat
|
||||||
|
PATHS
|
||||||
|
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/Common7/Tools/Bin")
|
||||||
|
FIND_PROGRAM(HAVE_SIGN_TOOL NAMES signtool
|
||||||
|
PATHS
|
||||||
|
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/Common7/Tools/Bin"
|
||||||
|
"$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/SDK/v2.0/Bin")
|
||||||
|
|
||||||
IF(HAVE_MANIFEST_TOOL)
|
IF(HAVE_MANIFEST_TOOL)
|
||||||
MESSAGE(STATUS "Found Mainfest Tool. Embedding custom manifests.")
|
MESSAGE(STATUS "Found Mainfest Tool.")
|
||||||
ELSE(HAVE_MANIFEST_TOOL)
|
ELSE(HAVE_MANIFEST_TOOL)
|
||||||
MESSAGE(FATAL_ERROR "Manifest tool, mt.exe, can't be found.")
|
MESSAGE(FATAL_ERROR "Manifest tool, mt.exe, can't be found.")
|
||||||
ENDIF(HAVE_MANIFEST_TOOL)
|
ENDIF(HAVE_MANIFEST_TOOL)
|
||||||
|
IF(HAVE_CATALOG_TOOL)
|
||||||
|
MESSAGE(STATUS "Found Catalog Tool.")
|
||||||
|
ELSE(HAVE_CATALOG_TOOL)
|
||||||
|
MESSAGE(FATAL_ERROR "Catalog tool, makecat.exe, can't be found.")
|
||||||
|
ENDIF(HAVE_CATALOG_TOOL)
|
||||||
|
IF(HAVE_SIGN_TOOL)
|
||||||
|
MESSAGE(STATUS "Found Sign Tool. Embedding custom manifests and signing executables.")
|
||||||
|
ELSE(HAVE_SIGN_TOOL)
|
||||||
|
MESSAGE(FATAL_ERROR "Sign tool, signtool.exe, can't be found.")
|
||||||
|
ENDIF(HAVE_SIGN_TOOL)
|
||||||
|
|
||||||
# Disable automatic manifest generation.
|
# Disable automatic manifest generation.
|
||||||
STRING(REPLACE "/MANIFEST" "/MANIFEST:NO" CMAKE_EXE_LINKER_FLAGS
|
STRING(REPLACE "/MANIFEST" "/MANIFEST:NO" CMAKE_EXE_LINKER_FLAGS
|
||||||
${CMAKE_EXE_LINKER_FLAGS})
|
${CMAKE_EXE_LINKER_FLAGS})
|
||||||
|
@ -51,7 +51,8 @@ The options right now are
|
|||||||
DISABLE_GRANT_OPTIONS Disables the use of --init-file and --skip-grant-tables
|
DISABLE_GRANT_OPTIONS Disables the use of --init-file and --skip-grant-tables
|
||||||
options of mysqld.exe
|
options of mysqld.exe
|
||||||
EMBED_MANIFESTS Embed custom manifests into final exes, otherwise VS
|
EMBED_MANIFESTS Embed custom manifests into final exes, otherwise VS
|
||||||
default will be used.
|
default will be used. (Note - This option should only be
|
||||||
|
used by MySQL AB.)
|
||||||
|
|
||||||
|
|
||||||
So the command line could look like:
|
So the command line could look like:
|
||||||
|
@ -56,7 +56,7 @@ try
|
|||||||
manifest_xml+= "\t<assemblyIdentity name=\'" + app_name + "\'";
|
manifest_xml+= "\t<assemblyIdentity name=\'" + app_name + "\'";
|
||||||
manifest_xml+= " version=\'" + app_version + "\'";
|
manifest_xml+= " version=\'" + app_version + "\'";
|
||||||
manifest_xml+= " processorArchitecture=\'" + app_arch + "\'";
|
manifest_xml+= " processorArchitecture=\'" + app_arch + "\'";
|
||||||
// TOADD - Add publicKeyToken attribute once we have Authenticode key.
|
manifest_xml+= " publicKeyToken=\'02ad33b422233ae3\'";
|
||||||
manifest_xml+= " type=\'win32\' />\r\n";
|
manifest_xml+= " type=\'win32\' />\r\n";
|
||||||
// Identify the application security requirements.
|
// Identify the application security requirements.
|
||||||
manifest_xml+= "\t<trustInfo xmlns=\'urn:schemas-microsoft-com:asm.v2\'>\r\n";
|
manifest_xml+= "\t<trustInfo xmlns=\'urn:schemas-microsoft-com:asm.v2\'>\r\n";
|
||||||
|
@ -14,7 +14,8 @@ MACRO(MYSQL_EMBED_MANIFEST _target_name _required_privs)
|
|||||||
ADD_CUSTOM_COMMAND(
|
ADD_CUSTOM_COMMAND(
|
||||||
TARGET ${_target_name}
|
TARGET ${_target_name}
|
||||||
POST_BUILD
|
POST_BUILD
|
||||||
COMMAND mt.exe
|
COMMAND mt.exe ARGS -nologo -hashupdate -makecdfs -manifest $(IntDir)\\$(TargetFileName).intermediate.manifest -outputresource:$(TargetPath)
|
||||||
ARGS -nologo -manifest $(IntDir)\\$(TargetFileName).intermediate.manifest -outputresource:$(TargetPath)
|
COMMAND makecat.exe ARGS $(IntDir)\\$(TargetFileName).intermediate.manifest.cdf
|
||||||
COMMENT "Embeds the manifest contents.")
|
COMMAND signtool.exe ARGS sign /a /t http://timestamp.verisign.com/scripts/timstamp.dll $(TargetPath)
|
||||||
|
COMMENT "Embeds the manifest contents, creates a cryptographic catalog, signs the target with Authenticode certificate.")
|
||||||
ENDMACRO(MYSQL_EMBED_MANIFEST)
|
ENDMACRO(MYSQL_EMBED_MANIFEST)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user