Browse Source

gitian: make the windows signing process match OSX

0.13
Cory Fields 10 years ago
parent
commit
a3ba9a553a
  1. 15
      contrib/gitian-descriptors/gitian-win-signer.yml
  2. 7
      contrib/gitian-descriptors/gitian-win.yml

15
contrib/gitian-descriptors/gitian-win-signer.yml

@ -14,21 +14,26 @@ remotes:
files: files:
- "osslsigncode-1.7.1.tar.gz" - "osslsigncode-1.7.1.tar.gz"
- "osslsigncode-Backports-to-1.7.1.patch" - "osslsigncode-Backports-to-1.7.1.patch"
- "bitcoin-win32-setup.exe" - "bitcoin-win-unsigned.tar.gz"
- "bitcoin-win64-setup.exe"
script: | script: |
BUILD_DIR=`pwd` BUILD_DIR=`pwd`
SIGDIR=${BUILD_DIR}/signature/win SIGDIR=${BUILD_DIR}/signature/win
UNSIGNED_DIR=${BUILD_DIR}/unsigned
echo "f9a8cdb38b9c309326764ebc937cba1523a3a751a7ab05df3ecc99d18ae466c9 osslsigncode-1.7.1.tar.gz" | sha256sum -c echo "f9a8cdb38b9c309326764ebc937cba1523a3a751a7ab05df3ecc99d18ae466c9 osslsigncode-1.7.1.tar.gz" | sha256sum -c
echo "a8c4e9cafba922f89de0df1f2152e7be286aba73f78505169bc351a7938dd911 osslsigncode-Backports-to-1.7.1.patch" | sha256sum -c echo "a8c4e9cafba922f89de0df1f2152e7be286aba73f78505169bc351a7938dd911 osslsigncode-Backports-to-1.7.1.patch" | sha256sum -c
mkdir -p ${UNSIGNED_DIR}
tar -C ${UNSIGNED_DIR} -xf bitcoin-win-unsigned.tar.gz
tar xf osslsigncode-1.7.1.tar.gz tar xf osslsigncode-1.7.1.tar.gz
cd osslsigncode-1.7.1 cd osslsigncode-1.7.1
patch -p1 < ${BUILD_DIR}/osslsigncode-Backports-to-1.7.1.patch patch -p1 < ${BUILD_DIR}/osslsigncode-Backports-to-1.7.1.patch
./configure --without-gsf --without-curl --disable-dependency-tracking ./configure --without-gsf --without-curl --disable-dependency-tracking
make make
find ${UNSIGNED_DIR} -name "*-unsigned.exe" | while read i; do
./osslsigncode attach-signature -in ${BUILD_DIR}/bitcoin-win32-setup.exe -out ${OUTDIR}/bitcoin-win32-setup-signed.exe -sigin ${SIGDIR}/bitcoin-win32-setup.exe.pem INFILE="`basename "${i}"`"
./osslsigncode attach-signature -in ${BUILD_DIR}/bitcoin-win64-setup.exe -out ${OUTDIR}/bitcoin-win64-setup-signed.exe -sigin ${SIGDIR}/bitcoin-win64-setup.exe.pem OUTFILE="`echo "${INFILE}" | sed s/-unsigned//`"
./osslsigncode attach-signature -in "${i}" -out "${OUTDIR}/${OUTFILE}" -sigin "${SIGDIR}/${INFILE}.pem"
done

7
contrib/gitian-descriptors/gitian-win.yml

@ -84,6 +84,8 @@ script: |
pushd temp pushd temp
tar xf ../$SOURCEDIST tar xf ../$SOURCEDIST
find bitcoin-* | sort | tar --no-recursion --mode='u+rw,go+r-w,a+X' --owner=0 --group=0 -c -T - | gzip -9n > ../$SOURCEDIST find bitcoin-* | sort | tar --no-recursion --mode='u+rw,go+r-w,a+X' --owner=0 --group=0 -c -T - | gzip -9n > ../$SOURCEDIST
mkdir -p $OUTDIR/src
cp ../$SOURCEDIST $OUTDIR/src
popd popd
ORIGPATH="$PATH" ORIGPATH="$PATH"
@ -109,7 +111,8 @@ script: |
find ${DISTNAME} -type f | sort | zip -X@ ${OUTDIR}/${DISTNAME}-${i}.zip find ${DISTNAME} -type f | sort | zip -X@ ${OUTDIR}/${DISTNAME}-${i}.zip
cd ../.. cd ../..
done done
mkdir -p $OUTDIR/src cd $OUTDIR
mv $SOURCEDIST $OUTDIR/src rename 's/-setup\.exe$/-setup-unsigned.exe/' *-setup.exe
find . -name "*-setup-unsigned.exe" | sort | tar --no-recursion --mode='u+rw,go+r-w,a+X' --owner=0 --group=0 -c -T - | gzip -9n > ${OUTDIR}/${DISTNAME}-win-unsigned.tar.gz
mv ${OUTDIR}/${DISTNAME}-x86_64-*.zip ${OUTDIR}/${DISTNAME}-win64.zip mv ${OUTDIR}/${DISTNAME}-x86_64-*.zip ${OUTDIR}/${DISTNAME}-win64.zip
mv ${OUTDIR}/${DISTNAME}-i686-*.zip ${OUTDIR}/${DISTNAME}-win32.zip mv ${OUTDIR}/${DISTNAME}-i686-*.zip ${OUTDIR}/${DISTNAME}-win32.zip

Loading…
Cancel
Save