List:Commits« Previous MessageNext Message »
From:Ignacio Galarza Date:July 25 2007 7:18pm
Subject:bk commit into 5.0 tree (iggy:1.2479) BUG#24732
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of iggy. When iggy does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-07-25 13:18:12-04:00, iggy@amd64.(none) +5 -0
  Bug#24732 Executables do not include Vista manifests
  - Sign executables with MySQL AB security certificate.

  BitKeeper/etc/ignore@stripped, 2007-07-25 13:18:10-04:00, iggy@amd64.(none) +1 -0
    Bug#24732 Executables do not include Vista manifests
    - Ignore security catalog descriptions

  CMakeLists.txt@stripped, 2007-07-25 13:18:10-04:00, iggy@amd64.(none) +32 -6
    Bug#24732 Executables do not include Vista manifests
    - Search for additional tools necessary to embed, catalog and sign
    targets.

  win/README@stripped, 2007-07-25 13:18:10-04:00, iggy@amd64.(none) +2 -1
    Bug#24732 Executables do not include Vista manifests
    - Add internal only note to EMBED_MANIFESTS option.

  win/create_manifest.js@stripped, 2007-07-25 13:18:10-04:00, iggy@amd64.(none) +1 -1
    Bug#24732 Executables do not include Vista manifests
    - Added publicKeyToken attribute to manifest.

  win/mysql_manifest.cmake@stripped, 2007-07-25 13:18:10-04:00, iggy@amd64.(none) +4 -3
    Bug#24732 Executables do not include Vista manifests
    - Add additional commands to create security catalog and sign 
    targets.
    - Add parameters to add appropiate hash attribute to manifest
    and create security content description of the security catalog.

diff -Nrup a/BitKeeper/etc/ignore b/BitKeeper/etc/ignore
--- a/BitKeeper/etc/ignore	2007-06-20 12:13:51 -04:00
+++ b/BitKeeper/etc/ignore	2007-07-25 13:18:10 -04:00
@@ -6,6 +6,7 @@
 *.bin
 *.vcproj.cmake
 cmake_install.cmake
+*.cdf
 *.core
 *.d
 *.da
diff -Nrup a/CMakeLists.txt b/CMakeLists.txt
--- a/CMakeLists.txt	2007-07-19 17:06:32 -04:00
+++ b/CMakeLists.txt	2007-07-25 13:18:10 -04:00
@@ -139,21 +139,47 @@ ENDIF(CMAKE_GENERATOR MATCHES "Visual St
 ADD_DEFINITIONS("-D_WINDOWS -D__WIN__ -D _CRT_SECURE_NO_DEPRECATE")
 
 IF(EMBED_MANIFESTS)
-    # Search for the Manifest tool.  CMake will first search it's defaults
-    # (CMAKE_FRAMEWORK_PATH, CMAKE_APPBUNDLE_PATH, CMAKE_PROGRAM_PATH and
-    # the system PATH) followed by the listed paths which are the current
-    # possible defaults and should be updated when necessary.  The custom
-    # manifests are designed to be compatible with all mt versions.
+    # Search for the tools (mt, makecat, signtool) necessary for embedding
+    # manifests and signing executables with the MySQL AB authenticode cert.
+    #
+    # CMake will first search it's defaults (CMAKE_FRAMEWORK_PATH, 
+    # CMAKE_APPBUNDLE_PATH, CMAKE_PROGRAM_PATH and the system PATH) followed 
+    # by the listed paths which are the current possible defaults and should be
+    # updated when necessary.  
+    # 
+    # The custom manifests are designed to be compatible with all mt versions.
+    # The MySQL AB Authenticode certificate is available only internally.  
+    # Others should store a single signing certificate in a local cryptographic
+    # service provider and alter the signtool command as necessary.
     FIND_PROGRAM(HAVE_MANIFEST_TOOL NAMES mt
                  PATHS
                  "$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/VC/bin"
                  "$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/Common7/Tools/Bin"
                  "$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/SDK/v2.0/Bin")
+    FIND_PROGRAM(HAVE_CATALOG_TOOL NAMES makecat
+                 PATHS
+                 "$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/Common7/Tools/Bin")
+    FIND_PROGRAM(HAVE_SIGN_TOOL NAMES signtool
+                 PATHS
+                 "$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/Common7/Tools/Bin"
+                 "$ENV{PROGRAMFILES}/Microsoft Visual Studio 8/SDK/v2.0/Bin")
+
     IF(HAVE_MANIFEST_TOOL)
-        MESSAGE(STATUS "Found Mainfest Tool. Embedding custom manifests.")
+        MESSAGE(STATUS "Found Mainfest Tool.")
     ELSE(HAVE_MANIFEST_TOOL)
         MESSAGE(FATAL_ERROR "Manifest tool, mt.exe, can't be found.")
     ENDIF(HAVE_MANIFEST_TOOL)
+    IF(HAVE_CATALOG_TOOL)
+        MESSAGE(STATUS "Found Catalog Tool.")
+    ELSE(HAVE_CATALOG_TOOL)
+        MESSAGE(FATAL_ERROR "Catalog tool, makecat.exe, can't be found.")
+    ENDIF(HAVE_CATALOG_TOOL)
+    IF(HAVE_SIGN_TOOL)
+        MESSAGE(STATUS "Found Sign Tool. Embedding custom manifests and signing executables.")
+    ELSE(HAVE_SIGN_TOOL)
+        MESSAGE(FATAL_ERROR "Sign tool, signtool.exe, can't be found.")
+    ENDIF(HAVE_SIGN_TOOL)
+
     # Disable automatic manifest generation.
     STRING(REPLACE "/MANIFEST" "/MANIFEST:NO" CMAKE_EXE_LINKER_FLAGS 
     	   ${CMAKE_EXE_LINKER_FLAGS})
diff -Nrup a/win/README b/win/README
--- a/win/README	2007-04-23 15:41:22 -04:00
+++ b/win/README	2007-07-25 13:18:10 -04:00
@@ -51,7 +51,8 @@ The options right now are
     DISABLE_GRANT_OPTIONS                Disables the use of --init-file and --skip-grant-tables
                                          options of mysqld.exe
     EMBED_MANIFESTS                      Embed custom manifests into final exes, otherwise VS
-                                         default will be used.
+                                         default will be used. (Note - This option should only be
+                                         used by MySQL AB.)
                                 
 
 So the command line could look like:
diff -Nrup a/win/create_manifest.js b/win/create_manifest.js
--- a/win/create_manifest.js	2007-06-26 11:25:59 -04:00
+++ b/win/create_manifest.js	2007-07-25 13:18:10 -04:00
@@ -56,7 +56,7 @@ try 
   manifest_xml+= "\t<assemblyIdentity name=\'" + app_name + "\'";
   manifest_xml+= " version=\'" + app_version + "\'"; 
   manifest_xml+= " processorArchitecture=\'" + app_arch + "\'";
-  // TOADD - Add publicKeyToken attribute once we have Authenticode key.
+  manifest_xml+= " publicKeyToken=\'02ad33b422233ae3\'";
   manifest_xml+= " type=\'win32\' />\r\n";
   // Identify the application security requirements.
   manifest_xml+= "\t<trustInfo xmlns=\'urn:schemas-microsoft-com:asm.v2\'>\r\n"; 
diff -Nrup a/win/mysql_manifest.cmake b/win/mysql_manifest.cmake
--- a/win/mysql_manifest.cmake	2007-06-26 11:25:59 -04:00
+++ b/win/mysql_manifest.cmake	2007-07-25 13:18:10 -04:00
@@ -14,7 +14,8 @@ MACRO(MYSQL_EMBED_MANIFEST _target_name 
   ADD_CUSTOM_COMMAND(
     TARGET ${_target_name}
     POST_BUILD
-    COMMAND mt.exe 
-    ARGS -nologo -manifest $(IntDir)\\$(TargetFileName).intermediate.manifest -outputresource:$(TargetPath) 
-    COMMENT "Embeds the manifest contents.")
+    COMMAND mt.exe       ARGS -nologo -hashupdate -makecdfs -manifest $(IntDir)\\$(TargetFileName).intermediate.manifest -outputresource:$(TargetPath) 
+    COMMAND makecat.exe  ARGS $(IntDir)\\$(TargetFileName).intermediate.manifest.cdf
+    COMMAND signtool.exe ARGS sign /a /t http://timestamp.verisign.com/scripts/timstamp.dll $(TargetPath)
+    COMMENT "Embeds the manifest contents, creates a cryptographic catalog, signs the target with Authenticode certificate.")
 ENDMACRO(MYSQL_EMBED_MANIFEST)
Thread
bk commit into 5.0 tree (iggy:1.2479) BUG#24732Ignacio Galarza25 Jul