configure.ac | 2 - instsetoo_native/CustomTarget_install.mk | 15 +++++-------- postprocess/CustomTarget_signing.mk | 5 +--- postprocess/signing/signing.pl | 34 ++++++++++++++----------------- 4 files changed, 25 insertions(+), 31 deletions(-)
New commits: commit 168a1042a1535920d6371f6754f88af9888f7af5 Author: Thorsten Behrens <[email protected]> AuthorDate: Wed Apr 2 18:09:08 2025 +0200 Commit: Thorsten Behrens <[email protected]> CommitDate: Wed Apr 2 18:09:08 2025 +0200 Release 6.3.6.33 - only build config changed Change-Id: I33c476d07ee71239f56dc9027d41630b86b8bf62 diff --git a/configure.ac b/configure.ac index db5164572305..1549c49261f3 100644 --- a/configure.ac +++ b/configure.ac @@ -9,7 +9,7 @@ dnl in order to create a configure script. # several non-alphanumeric characters, those are split off and used only for the # ABOUTBOXPRODUCTVERSIONSUFFIX in openoffice.lst. Why that is necessary, no idea. -AC_INIT([LibreOffice],[6.3.6.32],[],[],[http://documentfoundation.org/]) +AC_INIT([LibreOffice],[6.3.6.33],[],[],[http://documentfoundation.org/]) dnl libnumbertext needs autoconf 2.68, but that can pick up autoconf268 just fine if it is installed dnl whereas aclocal (as run by autogen.sh) insists on using autoconf and fails hard commit 52a2272e8e02e836200b57c11db9a729c1309e9c Author: Thorsten Behrens <[email protected]> AuthorDate: Wed Mar 12 22:38:58 2025 +0100 Commit: Thorsten Behrens <[email protected]> CommitDate: Tue Mar 25 11:27:44 2025 +0100 Use-jsign-for-signing Use https://ebourg.github.io/jsign/ for signing Windows binaries, since that offers cross-platform convenient options to also use cloud signing services. Change-Id: I18a96ff66df365f562dcbe30c27752b2ab527d7c diff --git a/instsetoo_native/CustomTarget_install.mk b/instsetoo_native/CustomTarget_install.mk index ab620d5844ed..b32d605f9f92 100644 --- a/instsetoo_native/CustomTarget_install.mk +++ b/instsetoo_native/CustomTarget_install.mk @@ -149,9 +149,8 @@ $(call gb_CustomTarget_get_workdir,instsetoo_native/install)/msi_main_signing.do $(PERL) $(SRCDIR)/postprocess/signing/signing.pl \ -l $(subst .done,_log.txt,$@) \ $(if $(verbose),-v) \ - $(if $(PFXFILE),-f $(PFXFILE)) \ - $(if $(PFXPASSWORD),-p $(PFXPASSWORD)) \ - $(if $(TIMESTAMPURL),-t $(TIMESTAMPURL)) \ + $(if $(CODESIGNING_OPTIONS),-o '$(CODESIGNING_OPTIONS)') \ + $(if $(CODESIGNING_AUTHKEY),-p '$(CODESIGNING_AUTHKEY)') \ -d $(PRODUCTNAME)\ $(LIBO_VERSION_MAJOR).$(LIBO_VERSION_MINOR).$(LIBO_VERSION_MICRO).$(LIBO_VERSION_PATCH) \ $(WORKDIR)/installation/$(PRODUCTNAME)/msi/install/*/*.msi \ && touch $@ @@ -161,9 +160,8 @@ $(call gb_CustomTarget_get_workdir,instsetoo_native/install)/msi_helppack_signin $(PERL) $(SRCDIR)/postprocess/signing/signing.pl \ -l $(subst .done,_log.txt,$@) \ $(if $(verbose),-v) \ - $(if $(PFXFILE),-f $(PFXFILE)) \ - $(if $(PFXPASSWORD),-p $(PFXPASSWORD)) \ - $(if $(TIMESTAMPURL),-t $(TIMESTAMPURL)) \ + $(if $(CODESIGNING_OPTIONS),-o '$(CODESIGNING_OPTIONS)') \ + $(if $(CODESIGNING_AUTHKEY),-p '$(CODESIGNING_AUTHKEY)') \ -d $(PRODUCTNAME)\ $(LIBO_VERSION_MAJOR).$(LIBO_VERSION_MINOR).$(LIBO_VERSION_MICRO).$(LIBO_VERSION_PATCH)\ Helppack \ $(WORKDIR)/installation/$(PRODUCTNAME)_helppack/msi/install/*/*.msi \ && touch $@ @@ -173,9 +171,8 @@ $(call gb_CustomTarget_get_workdir,instsetoo_native/install)/msi_sdk_signing.don $(PERL) $(SRCDIR)/postprocess/signing/signing.pl \ -l $(subst .done,_log.txt,$@) \ $(if $(verbose),-v) \ - $(if $(PFXFILE),-f $(PFXFILE)) \ - $(if $(PFXPASSWORD),-p $(PFXPASSWORD)) \ - $(if $(TIMESTAMPURL),-t $(TIMESTAMPURL)) \ + $(if $(CODESIGNING_OPTIONS),-o '$(CODESIGNING_OPTIONS)') \ + $(if $(CODESIGNING_AUTHKEY),-p '$(CODESIGNING_AUTHKEY)') \ -d $(PRODUCTNAME)\ $(LIBO_VERSION_MAJOR).$(LIBO_VERSION_MINOR).$(LIBO_VERSION_MICRO).$(LIBO_VERSION_PATCH)\ SDK \ $(WORKDIR)/installation/$(PRODUCTNAME)_SDK/msi/install/*/*.msi \ && touch $@ diff --git a/postprocess/CustomTarget_signing.mk b/postprocess/CustomTarget_signing.mk index 7ba7c5832f17..0ac4982fc19a 100644 --- a/postprocess/CustomTarget_signing.mk +++ b/postprocess/CustomTarget_signing.mk @@ -37,9 +37,8 @@ ifneq ($(ENABLE_DBGUTIL),TRUE) -e $$EXCLUDELIST \ -l $(subst .done,_log.txt,$@) \ $(if $(verbose),-v) \ - $(if $(PFXFILE),-f $(PFXFILE)) \ - $(if $(PFXPASSWORD),-p $(PFXPASSWORD)) \ - $(if $(TIMESTAMPURL),-t $(TIMESTAMPURL)) \ + $(if $(CODESIGNING_OPTIONS),-o '$(CODESIGNING_OPTIONS)') \ + $(if $(CODESIGNING_AUTHKEY),-p '$(CODESIGNING_AUTHKEY)') \ $(INSTDIR)/URE/bin/*.dll \ $(INSTDIR)/URE/bin/*.exe \ $(INSTDIR)/program/*.dll \ diff --git a/postprocess/signing/signing.pl b/postprocess/signing/signing.pl index ed8065399f05..fdd72be2b7f4 100644 --- a/postprocess/signing/signing.pl +++ b/postprocess/signing/signing.pl @@ -32,11 +32,10 @@ my $opt_exclude = ""; # file with a list of not signable dll and exe fil my $opt_verbose = 0; my $opt_help = 0; my $opt_log = ""; # for logging -my $opt_pass = ""; # password for signing -my $opt_pfxfile = ""; # Personal Information Exchange file -my $opt_timestamp_url = ""; # timestamp url +my $opt_signops = ""; # params for signing +my $opt_passwd = ""; # password for signing my %exclude_files = (); # list of not signable dll and exe files -my $signtool = "signtool.exe sign"; +my $signtool = "codesign.sh sign "; my @args = (); my @files_to_sign = (); @@ -72,8 +71,8 @@ sub parse_options #09.07.2007 08:13 # e exclude list file # v verbose my $success = GetOptions('h' => \$opt_help, - 'd=s' => \$opt_desc, 'e=s'=>\$opt_exclude, 'f=s'=>\$opt_pfxfile, 'l=s'=>\$opt_log, - 'p=s'=>\$opt_pass,'v'=>\$opt_verbose, 't=s'=>\$opt_timestamp_url); + 'o=s' => \$opt_signops, 'e=s'=>\$opt_exclude, 'l=s'=>\$opt_log, + 'd=s' => \$opt_desc, 'p=s'=>\$opt_passwd, 'v'=>\$opt_verbose); if ( !$success || $opt_help ) { usage(); exit(1); @@ -137,20 +136,19 @@ sub sign_files #09.07.2007 10:36 my $file = ""; my $result = ""; - if ( $opt_pass =~ /\.exe$/ ) { + if ( $opt_passwd =~ /get-access-token/ ) { # get password by tool - open(PIPE, "$opt_pass 2>&1 |") || die "Can't open PIPE! "; + open(PIPE, "$opt_passwd 2>&1 |") || die "Can't open PIPE! "; my $pass = <PIPE>; close PIPE; print_error("Can't get password! ") if ( !$pass ); # exit here - $opt_pass = $pass; + chomp($pass); + $opt_passwd = $pass; } - $signtool .= " -v" if ($opt_verbose); + $signtool .= " --verbose" if ($opt_verbose); $commandline_base = $signtool; - $commandline_base .= " -f $opt_pfxfile" if ($opt_pfxfile ne ""); - $commandline_base .= " -p $opt_pass" if ($opt_pass ne ""); - $commandline_base .= " -t $opt_timestamp_url" if ($opt_timestamp_url ne ""); - $commandline_base .= " -d \"$opt_desc\"" if ($opt_desc ne ""); + $commandline_base .= " $opt_signops" if ($opt_signops); + $commandline_base .= " --storepass $opt_passwd" if ($opt_passwd); # Here switch between: # one command line for multiple files (all doesn't work, too much) / for each file one command line @@ -217,7 +215,7 @@ sub execute #11.07.2007 10:02 print LOG "$result" if ($opt_log); $errorlines .= $result if ($result =~ /SignTool Error\:/); } # while - close PIPE; + close PIPE or print_error("Exit status $? from signtool! "); print_error( "$errorlines " ) if ($errorlines); } ##execute @@ -236,12 +234,12 @@ sub print_error #09.07.2007 11:21 sub usage #09.07.2007 08:39 ############################################################################ { - print "Usage: $myname [-e filename] [-f filename] [-p password] [-t timestamp] [-l filename] [-v] <file[list]> "; + print "Usage: $myname [-e filename] [-p password] [-o signing-options] [-d description] [-l filename] [-v] <file[list]> "; print "Options: "; print " -e filename File which contains a list of files which don't have to be signed. "; - print " -f pfx_filename \"Personal Information Exchange\" file. "; print " -p password Password for \"Personal Information Exchange\" file. "; - print " -t timestamp Timestamp URL e.g. \"http://timestamp.verisign.com/scripts/timstamp.dll\"; "; + print " -o signing-options Additional signing options to pass down\" "; + print " -d description Additional description of the entity signed\" "; print " -l log_filename File for logging. "; print " -v Verbose. "; } ##usage
