summaryrefslogtreecommitdiffstats
path: root/bin
diff options
context:
space:
mode:
Diffstat (limited to 'bin')
-rwxr-xr-xbin/createpackage.pl24
-rwxr-xr-xbin/patch_capabilities.pl26
2 files changed, 33 insertions, 17 deletions
diff --git a/bin/createpackage.pl b/bin/createpackage.pl
index cce0b54..85be5d3 100755
--- a/bin/createpackage.pl
+++ b/bin/createpackage.pl
@@ -212,21 +212,21 @@ my $certpath = File::Spec->catdir($scriptpath, File::Spec->updir(), "src/s60inst
# Check some pre-conditions and print error messages if needed.
unless (length($templatepkg)) {
- print "\nError: Template PKG filename is not defined!\n";
+ print "\nERROR: Template PKG filename is not defined!\n";
Usage();
}
# Check template exist
stat($templatepkg);
unless( -e _ ) {
- print "\nError: Package description file '$templatepkg' does not exist!\n";
+ print "\nERROR: Package description file '$templatepkg' does not exist!\n";
Usage();
}
# Check certifcate preconditions and set default certificate variables if needed
if (length($certificate)) {
unless(length($key)) {
- print "\nError: Custom certificate key file parameter missing.!\n";
+ print "\nERROR: Custom certificate key file parameter missing.!\n";
Usage();
}
} else {
@@ -261,7 +261,7 @@ if (length($certfile)) {
# Do some validation
unless(scalar(@certinfo) >= 2 && scalar(@certinfo) <= 3 && length($certinfo[0]) && length($certinfo[1]) ) {
- print "\nError: $certfile line '$_' does not contain valid information!\n";
+ print "\nERROR: $certfile line '$_' does not contain valid information!\n";
Usage();
}
@@ -280,14 +280,14 @@ if (!$preservePkgOutput) {
local $/;
# read template file
-open( TEMPLATE, $templatepkg) or die "Error '$templatepkg': $!\n";
+open( TEMPLATE, $templatepkg) or die "ERROR: '$templatepkg': $!";
$_=<TEMPLATE>;
close (TEMPLATE);
# If the pkg file does not contain macros, there is no need for platform or target.
if (m/\$\(PLATFORM\)/) {
unless (length($platform) && length($target)) {
- print "\nError: Platform or target is not defined!\n";
+ print "\nERROR: Platform or target is not defined!\n";
Usage();
}
}
@@ -297,7 +297,7 @@ s/\$\(PLATFORM\)/$platform/gm;
s/\$\(TARGET\)/$target/gm;
#write the output
-open( OUTPUT, ">$pkgoutput" ) or die "Error '$pkgoutput' $!\n";
+open( OUTPUT, ">$pkgoutput" ) or die "ERROR: '$pkgoutput' $!";
print OUTPUT $_;
close OUTPUT;
@@ -306,7 +306,7 @@ if ($preprocessonly) {
}
if($stub) {
- if(!($epocroot)) { die("EPOCROOT must be set to create stub sis files"); }
+ if(!($epocroot)) { die("ERROR: EPOCROOT must be set to create stub sis files"); }
my $systeminstall = "$epocroot/epoc32/data/z/system/install";
mkpath($systeminstall);
my $stub_sis_name = $systeminstall."/".$stub_sis_name;
@@ -319,15 +319,15 @@ if($stub) {
&& !$onlyUnsigned) {
print("Auto-patching capabilities for self signed package.\n");
my $patch_capabilities = File::Spec->catfile(dirname($0), "patch_capabilities");
- system ("$patch_capabilities $pkgoutput");
+ system ("$patch_capabilities $pkgoutput") and die ("ERROR: Automatic patching failed");
}
# Create SIS.
# The 'and' is because system uses 0 to indicate success.
if($epocroot) {
- system ("$epocroot/epoc32/tools/makesis $pkgoutput $unsigned_sis_name") and die ("makesis failed");
+ system ("$epocroot/epoc32/tools/makesis $pkgoutput $unsigned_sis_name") and die ("ERROR: makesis failed");
} else {
- system ("makesis $pkgoutput $unsigned_sis_name") and die ("makesis failed");
+ system ("makesis $pkgoutput $unsigned_sis_name") and die ("ERROR: makesis failed");
}
print("\n");
@@ -354,7 +354,7 @@ if($stub) {
my $relcert = File::Spec->abs2rel($certificate);
my $relkey = File::Spec->abs2rel($key);
# The 'and' is because system uses 0 to indicate success.
- system ("signsis $unsigned_sis_name $signed_sis_name $relcert $relkey $passphrase") and die ("signsis failed");
+ system ("signsis $unsigned_sis_name $signed_sis_name $relcert $relkey $passphrase") and die ("ERROR: signsis failed");
# Check if creating signed SIS Succeeded
stat($signed_sis_name);
diff --git a/bin/patch_capabilities.pl b/bin/patch_capabilities.pl
index a85f073..06ab116 100755
--- a/bin/patch_capabilities.pl
+++ b/bin/patch_capabilities.pl
@@ -152,7 +152,7 @@ if (@ARGV)
my $newLine = $line;
# Patch pkg UID if it's in protected range
- if ($line =~ m/^\#.*\((0x[0-7][0-9|a-f|A-F]*)\).*$/)
+ if ($line =~ m/^\#.*\((0x[0-7][0-9a-fA-F]*)\).*$/)
{
my $oldUID = $1;
my $newUID = $oldUID;
@@ -162,7 +162,7 @@ if (@ARGV)
}
# Patch embedded sis name and UID if UID is in protected range
- if ($line =~ m/^@\"*(.*\.sis).*\((0x[0-7][0-9|a-f|A-F]*)\).*$/)
+ if ($line =~ m/^@\"*(.*\.sis).*\((0x[0-7][0-9a-fA-F]*)\).*$/)
{
my $oldSisName = $1;
my $oldUID = $2;
@@ -280,7 +280,16 @@ if (@ARGV)
my $capabilitiesToAllow = join(" ", @capabilitiesToAllow);
my @capabilitiesToDrop;
while (<$dllCaps>) {
- if (/^Vendor ID: (.*)$/) {
+ if (/^Secure ID: ([0-7][0-9a-fA-F]*)$/) {
+ my $exeSid = $1;
+ if ($binaryBaseName =~ /\.exe$/) {
+ # Installer refuses to install protected executables in a self signed package, so abort if one is detected.
+ # We can't simply just patch the executable SID, as any registration resources executable uses will be linked to it via SID.
+ print ("Patching: Executable with SID in the protected range (0x$exeSid) detected: \"$binaryBaseName\". A self-signed sis with protected executables is not supported.\n");
+ exit(1);
+ }
+ }
+ if (/^Vendor ID: ([0-9a-fA-F]*)$/) {
$originalVid = "$1";
}
if (!$capsFound) {
@@ -303,8 +312,15 @@ if (@ARGV)
my $capsToDropStr = join("\", \"", @capabilitiesToDrop);
$capsToDropStr =~ s/\", \"$//;
- print ("Patching: The following capabilities used in \"$binaryBaseName\" are not compatible with a self-signed package and will be removed: \"$capsToDropStr\".\n");
- $executeNeeded = 1;
+ if ($binaryBaseName =~ /\.exe$/) {
+ # While libraries often have capabilities they do not themselves need just to enable them to be loaded by wider variety of processes,
+ # executables are more likely to need every capability they have been assigned or they won't function correctly.
+ print ("Patching: Executable with capabilities incompatible with self-signing detected: \"$binaryBaseName\". (Incompatible capabilities: \"$capsToDropStr\".) Reducing capabilities is only supported for libraries.\n");
+ exit(1);
+ } else {
+ print ("Patching: The following capabilities used in \"$binaryBaseName\" are not compatible with a self-signed package and will be removed: \"$capsToDropStr\".\n");
+ $executeNeeded = 1;
+ }
}
$commandToExecute = sprintf($baseCommandToExecute, join(" ", @capabilitiesToSet));
}