diff --git a/platforms/win32/winbareos-nsi.spec b/platforms/win32/winbareos-nsi.spec index 200751ee54c..f1a5b0212c6 100644 --- a/platforms/win32/winbareos-nsi.spec +++ b/platforms/win32/winbareos-nsi.spec @@ -75,6 +75,8 @@ BuildRequires: mingw64-lzo BuildRequires: mingw32-libfastlz BuildRequires: mingw64-libfastlz +BuildRequires: osslsigncode + Source1: winbareos.nsi Source2: clientdialog.ini Source3: directordialog.ini @@ -84,6 +86,10 @@ Source6: bareos.ico Source7: AccessControl.dll Source8: LogEx.dll Source9: databasedialog.ini + +# code signing cert +Source10: ia.p12 +Source11: signpassword %description bareos @@ -109,20 +115,18 @@ do cp %SOURCE7 $RPM_BUILD_ROOT/$flavor/nsisplugins # AccessControl cp %SOURCE8 $RPM_BUILD_ROOT/$flavor/nsisplugins # LogEx - mkdir -p $RPM_BUILD_ROOT/$flavor/release32 - mkdir -p $RPM_BUILD_ROOT/$flavor/release64 + for BITS in 32 64; do + mkdir -p $RPM_BUILD_ROOT/$flavor/release${BITS} -# copy the sql ddls over - cp -av /etc/$flavor/mingw32-winbareos/ddl $RPM_BUILD_ROOT/$flavor/release32 - cp -av /etc/$flavor/mingw64-winbareos/ddl $RPM_BUILD_ROOT/$flavor/release64 - -# copy the sources over if we create debug package - %if %{WIN_DEBUG} == "yes" - cp -av /bareos-*debug* $RPM_BUILD_ROOT/$flavor/release32 - cp -av /bareos-*debug* $RPM_BUILD_ROOT/$flavor/release64 - %endif + # copy the sql ddls over + cp -av /etc/$flavor/mingw${BITS}-winbareos/ddl $RPM_BUILD_ROOT/$flavor/release${BITS} + # copy the sources over if we create debug package + %if %{WIN_DEBUG} == "yes" + cp -av /bareos-*debug* $RPM_BUILD_ROOT/$flavor/release${BITS} + %endif + done for file in \ bareos-fd.exe \ @@ -142,11 +146,14 @@ do libbareos.dll \ libbareosfind.dll \ libbareoslmdb.dll \ - libbareoscats*.dll \ - libbareossd*.dll ; + libbareoscats-postgresql.dll libbareoscats-sqlite3.dll libbareoscats.dll\ + libbareossd.dll ; do cp %{_mingw32_bindir}/$flavor/$file $RPM_BUILD_ROOT/$flavor/release32 cp %{_mingw64_bindir}/$flavor/$file $RPM_BUILD_ROOT/$flavor/release64 + + osslsigncode verify -in $RPM_BUILD_ROOT/$flavor/release32/$file + osslsigncode verify -in $RPM_BUILD_ROOT/$flavor/release64/$file done @@ -172,20 +179,18 @@ do cp %{_mingw64_bindir}/$file $RPM_BUILD_ROOT/$flavor/release64 done - for cfg in /etc/$flavor/mingw32-winbareos/*.conf; do - cp $cfg $RPM_BUILD_ROOT/$flavor/release32 - done - - for cfg in /etc/$flavor/mingw64-winbareos/*.conf; do - cp $cfg $RPM_BUILD_ROOT/$flavor/release64 - done + for BITS in 32 64; do - cp %SOURCE1 %SOURCE2 %SOURCE3 %SOURCE4 %SOURCE6 %SOURCE9 %_sourcedir/LICENSE $RPM_BUILD_ROOT/$flavor/release32 - cp %SOURCE1 %SOURCE2 %SOURCE3 %SOURCE4 %SOURCE6 %SOURCE9 %_sourcedir/LICENSE $RPM_BUILD_ROOT/$flavor/release64 + for cfg in /etc/$flavor/mingw${BITS}-winbareos/*.conf; do + cp $cfg $RPM_BUILD_ROOT/$flavor/release${BITS} + done - makensis -DVERSION=%version -DPRODUCT_VERSION=%version-%release -DBIT_WIDTH=32 -DWIN_DEBUG=%{WIN_DEBUG} $RPM_BUILD_ROOT/$flavor/release32/winbareos.nsi - makensis -DVERSION=%version -DPRODUCT_VERSION=%version-%release -DBIT_WIDTH=64 -DWIN_DEBUG=%{WIN_DEBUG} $RPM_BUILD_ROOT/$flavor/release64/winbareos.nsi + cp %SOURCE1 %SOURCE2 %SOURCE3 %SOURCE4 %SOURCE6 %SOURCE9 \ + %_sourcedir/LICENSE $RPM_BUILD_ROOT/$flavor/release${BITS} + makensis -DVERSION=%version -DPRODUCT_VERSION=%version-%release -DBIT_WIDTH=${BITS} \ + -DWIN_DEBUG=%{WIN_DEBUG} $RPM_BUILD_ROOT/$flavor/release${BITS}/winbareos.nsi + done done %install @@ -196,14 +201,26 @@ do mkdir -p $RPM_BUILD_ROOT%{_mingw64_bindir} FLAVOR=`echo "%name" | sed 's/winbareos-nsi-//g'` + DESCRIPTION="Bareos installer version %version" + URL="http://www.bareos.com" - cp $RPM_BUILD_ROOT/$flavor/release32/Bareos*.exe $RPM_BUILD_ROOT/winbareos-%version-$flavor-32-bit-r%release.exe - cp $RPM_BUILD_ROOT/$flavor/release64/Bareos*.exe $RPM_BUILD_ROOT/winbareos-%version-$flavor-64-bit-r%release.exe + for BITS in 32 64; do + cp $RPM_BUILD_ROOT/$flavor/release${BITS}/Bareos*.exe \ + $RPM_BUILD_ROOT/winbareos-%version-$flavor-${BITS}-bit-r%release-unsigned.exe - rm -R $RPM_BUILD_ROOT/$flavor/release32 - rm -R $RPM_BUILD_ROOT/$flavor/release64 - rm -R $RPM_BUILD_ROOT/$flavor/nsisplugins + osslsigncode -pkcs12 %SOURCE10 -pass `cat %SOURCE11` -n "${DESCRIPTION}" -i http://www.bareos.com/ \ + -in $RPM_BUILD_ROOT/winbareos-%version-$flavor-${BITS}-bit-r%release-unsigned.exe \ + -out $RPM_BUILD_ROOT/winbareos-%version-$flavor-${BITS}-bit-r%release.exe + + osslsigncode verify -in $RPM_BUILD_ROOT/winbareos-%version-$flavor-${BITS}-bit-r%release.exe + + rm $RPM_BUILD_ROOT/winbareos-%version-$flavor-${BITS}-bit-r%release-unsigned.exe + rm -R $RPM_BUILD_ROOT/$flavor/release${BITS} + + done + + rm -R $RPM_BUILD_ROOT/$flavor/nsisplugins done %clean diff --git a/platforms/win32/winbareos32.spec b/platforms/win32/winbareos32.spec index a152f5cf393..eb5de87a5f1 100644 --- a/platforms/win32/winbareos32.spec +++ b/platforms/win32/winbareos32.spec @@ -34,13 +34,17 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch #!BuildIgnore: post-build-checks -Source1: fillup.sed -Source2: vss_headers.tar -Source3: vdi_headers.tar -Source4: pgsql-libpq.tar +Source1: fillup.sed +Source2: vss_headers.tar +Source3: vdi_headers.tar +Source4: pgsql-libpq.tar -Patch1: tray-monitor-conf.patch -Patch2: tray-monitor-conf-fd-sd.patch +# code signing cert +Source10: ia.p12 +Source11: signpassword + +Patch1: tray-monitor-conf.patch +Patch2: tray-monitor-conf-fd-sd.patch BuildRequires: mingw32-filesystem BuildRequires: mingw32-cross-gcc @@ -80,6 +84,8 @@ BuildRequires: mingw32-libsqlite-devel BuildRequires: sed BuildRequires: vim, procps, bc +BuildRequires: osslsigncode + %description bareos @@ -170,12 +176,9 @@ make WIN_DEBUG=yes BUILD_QTGUI=%{BUILD_QTGUI} WIN_VERSION=%{WIN_VERSION} WIN_VIS cd - %install - - for flavor in `echo "%flavors"`; do mkdir -p $RPM_BUILD_ROOT%{_mingw32_bindir}/$flavor - mkdir -p $RPM_BUILD_ROOT/etc/$flavor/%name pushd $flavor/src/win32 @@ -229,9 +232,21 @@ for flavor in `echo "%flavors"`; do do sed -f %SOURCE1 $sql -i ; done -done - + # sign binary files + pushd $RPM_BUILD_ROOT%{_mingw32_bindir}/$flavor + for BINFILE in *; do + mv $BINFILE $BINFILE.unsigned + osslsigncode -pkcs12 %SOURCE10 \ + -pass `cat %SOURCE11` \ + -n "${DESCRIPTION}" \ + -i http://www.bareos.com/ \ + -in $BINFILE.unsigned \ + -out $BINFILE + rm *.unsigned + done + popd +done %clean rm -rf $RPM_BUILD_ROOT diff --git a/platforms/win32/winbareos64.spec b/platforms/win32/winbareos64.spec index cf4ab32e120..394252b2eaf 100644 --- a/platforms/win32/winbareos64.spec +++ b/platforms/win32/winbareos64.spec @@ -34,13 +34,17 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch #!BuildIgnore: post-build-checks -Source1: fillup.sed -Source2: vss_headers.tar -Source3: vdi_headers.tar -Source4: pgsql-libpq.tar +Source1: fillup.sed +Source2: vss_headers.tar +Source3: vdi_headers.tar +Source4: pgsql-libpq.tar -Patch1: tray-monitor-conf.patch -Patch2: tray-monitor-conf-fd-sd.patch +# code signing cert +Source10: ia.p12 +Source11: signpassword + +Patch1: tray-monitor-conf.patch +Patch2: tray-monitor-conf-fd-sd.patch BuildRequires: mingw64-filesystem BuildRequires: mingw64-cross-gcc @@ -80,6 +84,8 @@ BuildRequires: mingw64-libsqlite-devel BuildRequires: sed BuildRequires: vim, procps, bc +BuildRequires: osslsigncode + %description bareos @@ -170,12 +176,9 @@ make WIN_DEBUG=yes BUILD_QTGUI=%{BUILD_QTGUI} WIN_VERSION=%{WIN_VERSION} WIN_VIS cd - %install - - for flavor in `echo "%flavors"`; do mkdir -p $RPM_BUILD_ROOT%{_mingw64_bindir}/$flavor - mkdir -p $RPM_BUILD_ROOT/etc/$flavor/%name pushd $flavor/src/win32 @@ -219,7 +222,7 @@ for flavor in `echo "%flavors"`; do popd - mkdir -p $RPM_BUILD_ROOT/etc/$flavor/%name/ddl + mkdir -p $RPM_BUILD_ROOT/etc/$flavor/%name/ddl for i in creates drops grants updates; do mkdir $RPM_BUILD_ROOT/etc/$flavor/%name/ddl/$i/ cp -av src/cats/ddl/$i/postgres* $RPM_BUILD_ROOT/etc/$flavor/%name/ddl/$i/ @@ -229,9 +232,21 @@ for flavor in `echo "%flavors"`; do do sed -f %SOURCE1 $sql -i ; done -done - + # sign binary files + pushd $RPM_BUILD_ROOT%{_mingw64_bindir}/$flavor + for BINFILE in *; do + mv $BINFILE $BINFILE.unsigned + osslsigncode -pkcs12 %SOURCE10 \ + -pass `cat %SOURCE11` \ + -n "${DESCRIPTION}" \ + -i http://www.bareos.com/ \ + -in $BINFILE.unsigned \ + -out $BINFILE + rm *.unsigned + done + popd +done %clean rm -rf $RPM_BUILD_ROOT