diff options
author | James Yonan <james@openvpn.net> | 2010-08-20 20:24:42 +0000 |
---|---|---|
committer | James Yonan <james@openvpn.net> | 2010-08-20 20:24:42 +0000 |
commit | 5f866d914c71f010988fd85d5b178f3b8c3e2987 (patch) | |
tree | 88c2699ab799ac3270e0e8510867e89b60dc233c /install-win32 | |
parent | Windows security issue: (diff) | |
download | openvpn-5f866d914c71f010988fd85d5b178f3b8c3e2987.tar.xz |
Attempt to fix issue where domake-win build system was not properlyv2.1.3
signing drivers and .exe files.
Added win/tap_span.py for building multiple versions of the TAP driver
and tapinstall binaries using different DDK versions to span from Win2K
to Win7 and beyond.
Version 2.1.3
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6404 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'install-win32')
-rw-r--r-- | install-win32/buildinstaller | 2 | ||||
-rw-r--r-- | install-win32/getgui | 3 | ||||
-rw-r--r-- | install-win32/getxgui | 6 | ||||
-rw-r--r-- | install-win32/maketap | 100 | ||||
-rw-r--r-- | install-win32/maketapinstall | 72 | ||||
-rw-r--r-- | install-win32/settings.in | 37 |
6 files changed, 21 insertions, 199 deletions
diff --git a/install-win32/buildinstaller b/install-win32/buildinstaller index 83057bb..a17a027 100644 --- a/install-win32/buildinstaller +++ b/install-win32/buildinstaller @@ -10,5 +10,5 @@ tail -20 makensis.log # sign the installer if [ -d "$SIGNTOOL" ]; then - TARGET_EXE="$(echo $(pwd)/$GENOUT/*.exe)" $SIGNTOOL/signexe + python $SIGNTOOL/signapp.py "$(echo $(pwd)/$GENOUT/*.exe)" fi diff --git a/install-win32/getgui b/install-win32/getgui index b53a8f7..aa83e85 100644 --- a/install-win32/getgui +++ b/install-win32/getgui @@ -10,9 +10,6 @@ GUI="$OPENVPN_GUI_DIR/$OPENVPN_GUI" if [ -f "$GUI" ]; then mkdir -p $GENOUT/bin &>/dev/null cp $GUI $GENOUT/bin - if [ -d "$SIGNTOOL" ]; then - TARGET_EXE="$GENOUT/bin/$OPENVPN_GUI" $SIGNTOOL/signexe - fi fi if [ -f "$GENOUT/bin/$OPENVPN_GUI" ]; then diff --git a/install-win32/getxgui b/install-win32/getxgui index d3a21b8..3a1e626 100644 --- a/install-win32/getxgui +++ b/install-win32/getxgui @@ -19,12 +19,6 @@ if [ -d "$OPENVPN_XGUI_DIR" ]; then done fi - for f in $SIGNED_EXES; do - if [ -d "$SIGNTOOL" ]; then - TARGET_EXE="$GENOUT/bin/`basename $f`" $SIGNTOOL/signexe - fi - done - rm -rf $GENOUT/htdocs cp -a $OPENVPN_XGUI_DIR/ajax/htdocs $GENOUT/htdocs diff --git a/install-win32/maketap b/install-win32/maketap index 0d33329..b9c4070 100644 --- a/install-win32/maketap +++ b/install-win32/maketap @@ -1,101 +1,17 @@ #!/bin/sh -# Build the x86 and x64 versions of the TAP driver -# Requires the Windows DDK +# Get the x86 and x64 versions of the TAP driver # get version.nsi definitions . autodefs/defs.sh -if [ -n "$DDKVER" ] && [ -d "/c/WINDDK/$DDKVER" ] ; then - -# common declarations for all DDK build targets -. install-win32/ddk-common - -# configure tap driver sources -MACRO="perl install-win32/macro.pl autodefs/defs.in" -IFDEF="perl install-win32/ifdef.pl" -rm -rf tap-win32/amd64 -mkdir tap-win32/amd64 -$MACRO <tap-win32/SOURCES.in >tap-win32/SOURCES -$MACRO <tap-win32/i386/OemWin2k.inf.in | $IFDEF >tap-win32/i386/OemWin2k.inf -$MACRO <tap-win32/i386/OemWin2k.inf.in | $IFDEF -DAMD64 >tap-win32/amd64/OemWin2k.inf - -if [ -n "$PRODUCT_TAP_DEBUG" ] ; then - w2ktarget="w2k c" - amdtarget="chk $x64_tag WNET" -else - w2ktarget="w2k f" - amdtarget="fre $x64_tag WNET" -fi - -if [ -z "$DRVBINSRC" ] ; then - if [ -n "$TAP_BIN_AMD64" ]; then - amdtarget="" - fi - - cd tap-win32 - t=`pwd` - cd .. - - for mode in "$w2ktarget" "$amdtarget"; do - echo '**********' build TAP $mode - cmd //c "C:\\WINDDK\\$DDKVER\\bin\\setenv.bat C:\\WINDDK\\$DDKVER $mode && cd `perl install-win32/dosname.pl $t` && build -cef" - mv tap-win32/tapdrvr.cod "tap-win32/tapdrvr-$(echo $mode | tr ' ' '-').cod" +if [ -d "$TAPBINSRC" ]; then + mkdir -p $GENOUT/driver/i386 &>/dev/null + mkdir -p $GENOUT/driver/amd64 &>/dev/null + for arch in i386 amd64; do + s=$TAPBINSRC/$arch + cp $s/*.sys $s/*.cat $s/*.inf $GENOUT/driver/$arch done - - title openvpn-build &>/dev/null - - if [ -n "$TAP_BIN_AMD64" ]; then - mkdir -p $t/amd64 - cp "$TAP_BIN_AMD64" $t/amd64 - fi - - # copy driver files into tap-win32/dist - cd tap-win32 - rm -rf dist - mkdir dist - cd dist - mkdir i386 - mkdir amd64 - cd i386 - x86=`pwd` - cd ../amd64 - x64=`pwd` - cd ../.. - cp i386/OemWin2k.inf $x86 - cp i386/*.sys $x86 - cp amd64/OemWin2k.inf $x64 - cp amd64/*.sys $x64 - out="TAP driver catalog file is undefined"; - echo "$out" >$x86/$PRODUCT_TAP_ID.cat - echo "$out" >$x64/$PRODUCT_TAP_ID.cat - cd .. -fi - -# $DRVBINSRC, if defined, points to prebuilt TAP driver and -# tapinstall.exe. -mkdir $GENOUT &>/dev/null -rm -rf $GENOUT/driver -if [ -z "$DRVBINSRC" ] ; then - # Get TAP drivers - cp -a tap-win32/dist $GENOUT/driver - - # Sign TAP drivers - if [ -d "$SIGNTOOL" ]; then - $SIGNTOOL/signtap - fi -else - cp -a $DRVBINSRC/driver $GENOUT/driver -fi - -# $DRVBINDEST, if defined, points to a destination directory -# where TAP driver and tapinstall.exe will be saved, to be used -# as a $DRVBINSRC in future builds. -if [ -n "$DRVBINDEST" ] ; then - mkdir $DRVBINDEST &>/dev/null - cp -a $GENOUT/driver $DRVBINDEST -fi - else - echo Not building TAP driver -- DDK version $DDKVER NOT FOUND + echo Cannot find pre-built tap drivers fi diff --git a/install-win32/maketapinstall b/install-win32/maketapinstall index eae4471..9fe0470 100644 --- a/install-win32/maketapinstall +++ b/install-win32/maketapinstall @@ -1,77 +1,15 @@ #!/bin/sh -# Build the x86 and x64 versions of the tapinstall tool -# Requires the Windows DDK. -# TISRC should be set to directory containing -# tapinstall source code. +# Get the x86 and x64 versions of the tapinstall tool # get version.nsi definitions . autodefs/defs.sh -if [ -n "$DDKVER" ] && [ -d "/c/WINDDK/$DDKVER" ] ; then - -if ! [ -d "$TISRC" ] ; then - echo "$TISRC" NOT INSTALLED - exit 1 -fi - -# common declarations for all DDK build targets -. install-win32/ddk-common - -amdtarget="" -if [ -z "$TI_BIN_AMD64" ]; then - amdtarget="fre $x64_tag WNET" -fi - -if [ -z "$DRVBINSRC" ] ; then - rm -rf tapinstall - cp -a "$TISRC" tapinstall - - if [ -e tapinstall/sources.in ]; then - perl install-win32/ifdef.pl autodefs/defs.in <tapinstall/sources.in >tapinstall/sources - fi - - cd tapinstall - t=`pwd` - cd .. - - for mode in "w2k f" "$amdtarget"; do - if [ -n "$mode" ]; then - echo '**********' build TAPINSTALL $mode - cmd //c "C:\\WINDDK\\$DDKVER\\bin\\setenv.bat C:\\WINDDK\\$DDKVER $mode && cd `perl install-win32/dosname.pl $t` && build -cef" - fi - done -fi - -if [ -n "$TI_BIN_AMD64" ]; then - mkdir -p $t/objfre_wnet_amd64/amd64 - cp "$TI_BIN_AMD64" $t/objfre_wnet_amd64/amd64 -fi - -# $DRVBINSRC, if defined, points to prebuilt TAP driver and -# tapinstall.exe. -if [ -z "$DRVBINSRC" ] ; then - # Get tapinstall +if [ -d "$TAPBINSRC" ]; then mkdir -p $GENOUT/tapinstall/i386 &>/dev/null mkdir -p $GENOUT/tapinstall/amd64 &>/dev/null - cp tapinstall/objfre_w2k_x86/i386/tapinstall.exe $GENOUT/tapinstall/i386 - cp tapinstall/objfre_wnet_amd64/amd64/tapinstall.exe $GENOUT/tapinstall/amd64 -else - mkdir $GENOUT &>/dev/null - cp -a $DRVBINSRC/tapinstall $GENOUT/tapinstall -fi - -# $DRVBINDEST, if defined, points to a destination directory -# where TAP driver and tapinstall.exe will be saved, to be used -# as a $DRVBINSRC in future builds. -if [ -n "$DRVBINDEST" ] ; then - mkdir $DRVBINDEST &>/dev/null - cp -a $GENOUT/driver $DRVBINDEST - cp -a $GENOUT/tapinstall $DRVBINDEST -fi - -title openvpn-build &>/dev/null - + cp $TAPBINSRC/i386/tapinstall.exe $GENOUT/tapinstall/i386 + cp $TAPBINSRC/amd64/tapinstall.exe $GENOUT/tapinstall/amd64 else - echo Not building tapinstall -- DDK version $DDKVER NOT BUILT + echo Cannot find pre-built tapinstall fi diff --git a/install-win32/settings.in b/install-win32/settings.in index 21ea0a7..4a0a564 100644 --- a/install-win32/settings.in +++ b/install-win32/settings.in @@ -27,42 +27,19 @@ !define PKCS11_HELPER_DIR "../pkcs11-helper" ;!define DMALLOC_DIR "../dmalloc-5.4.2" +# Prebuilt TAP drivers and tapinstall +!define TAPBINSRC "../tap_dist" + +# Directory containing python script for signing .exe files +!define SIGNTOOL "../signtool" + # Optional directory of prebuilt OpenVPN binary components, # to be used as a source when build-from-scratch prerequisites # are not met. ;!define GENOUT_PREBUILT "../gen-prebuilt" -# tapinstall.exe source code. -# Not needed if DRVBINSRC is defined -# (or if using pre-built mode). -!define TISRC "../tapinstall/5600" - -# TAP Adapter parameters. Note that PRODUCT_TAP_ID is -# defined in version.m4. -!define PRODUCT_TAP_DEVICE_DESCRIPTION "TAP-Win32 Adapter V9" -!define PRODUCT_TAP_PROVIDER "TAP-Win32 Provider V9" -!define PRODUCT_TAP_MAJOR_VER 9 -!define PRODUCT_TAP_MINOR_VER 7 -!define PRODUCT_TAP_RELDATE "04/19/2010" - -# TAP adapter icon -- visible=0x81 or hidden=0x89 -!define PRODUCT_TAP_CHARACTERISTICS 0x81 - -# Build debugging version of TAP driver -;!define PRODUCT_TAP_DEBUG - -# DDK Version. -# DDK distribution is assumed to be in C:\WINDDK\${DDKVER} -!define DDKVER 6001.18002 -!define DDKVER_MAJOR 6001 - -# Code Signing. -# If undefined, don't sign any files. -!define SIGNTOOL "../signtool.old" -!define PRODUCT_SIGN_CN "openvpn" - # -j parameter passed to make -!define MAKE_JOBS 2 +!define MAKE_JOBS 1 # output directory for built binaries # and other generated files |