diff options
Diffstat (limited to 'bin')
| -rwxr-xr-x | bin/createpackage (renamed from bin/createpackage.sh) | 0 | ||||
| -rwxr-xr-x | bin/createpackage.pl | 58 | ||||
| -rwxr-xr-x | bin/patch_capabilities | 3 | ||||
| -rwxr-xr-x | bin/patch_capabilities.pl | 70 |
4 files changed, 92 insertions, 39 deletions
diff --git a/bin/createpackage.sh b/bin/createpackage index fdd4eeb..fdd4eeb 100755 --- a/bin/createpackage.sh +++ b/bin/createpackage diff --git a/bin/createpackage.pl b/bin/createpackage.pl index 1d6ab6b..554d619 100755 --- a/bin/createpackage.pl +++ b/bin/createpackage.pl @@ -85,7 +85,7 @@ Where parameters are as follows: winscw | gcce | armv5 | armv6 | armv7 certificate = The certificate file used for signing key = The certificate's private key file - passphrase = The certificate's private key file's passphrase + passphrase = The passphrase of the certificate's private key file Example: createpackage.pl fluidlauncher_template.pkg release-armv5 @@ -130,16 +130,21 @@ my $templatepkg = $ARGV[0]; my $targetplatform = lc $ARGV[1]; my @tmpvalues = split('-', $targetplatform); -my $target = $tmpvalues[0]; -my $platform = $tmpvalues[1];; +my $target; +$target = $tmpvalues[0] or $target = ""; +my $platform; +$platform = $tmpvalues[1] or $platform = ""; # Convert visual target to real target (debug->udeb and release->urel) $target =~ s/debug/udeb/i; $target =~ s/release/urel/i; -my $certificate = $ARGV[2]; -my $key = $ARGV[3]; -my $passphrase = $ARGV[4]; +my $certificate; +$certificate = $ARGV[2] or $certificate = ""; +my $key; +$key = $ARGV[3] or $key = ""; +my $passphrase; +$passphrase = $ARGV[4] or $passphrase = ""; # Generate output pkg basename (i.e. file name without extension) my $pkgoutputbasename = $templatepkg; @@ -149,11 +154,11 @@ if ($pkgoutputbasename eq $templatepkg) { $preservePkgOutput = "1"; } $pkgoutputbasename =~ s/\.pkg//g; -$pkgoutputbasename = lc($pkgoutputbasename); +$pkgoutputbasename = $pkgoutputbasename; # Store output file names to variables -my $pkgoutput = lc($pkgoutputbasename.".pkg"); -my $sisoutputbasename = lc($pkgoutputbasename); +my $pkgoutput = $pkgoutputbasename.".pkg"; +my $sisoutputbasename = $pkgoutputbasename; $sisoutputbasename =~ s/_$targetplatform//g; my $unsigned_sis_name = $sisoutputbasename."_unsigned.sis"; my $signed_sis_name = $sisoutputbasename.".sis"; @@ -171,14 +176,6 @@ unless (length($templatepkg)) { Usage(); } -# If the pkg file is not actually a template, there is no need for plaform or target. -if ($templatepkg =~ m/_template\.pkg/i) { - unless (length($platform) && length($target)) { - print "\nError: Platform or target is not defined!\n"; - Usage(); - } -} - # Check template exist stat($templatepkg); unless( -e _ ) { @@ -240,12 +237,25 @@ if (!$preservePkgOutput) { } # Preprocess PKG +if ($certtext eq "Self Signed" && !@certificates) { + print("Patching capabilities for self signed package $certificate\n"); + system ("patch_capabilities $templatepkg $targetplatform"); +} + local $/; # read template file open( TEMPLATE, $templatepkg) or die "Error '$templatepkg': $!\n"; $_=<TEMPLATE>; close (TEMPLATE); +# If the pkg file does not contain macros, there is no need for platform or target. +if (m/\$\(PLATFORM\)/) { + unless (length($platform) && length($target)) { + print "\nError: Platform or target is not defined!\n"; + Usage(); + } +} + # replace the PKG variables s/\$\(PLATFORM\)/$platform/gm; s/\$\(TARGET\)/$target/gm; @@ -268,11 +278,15 @@ if($stub) { system ("makesis -s $pkgoutput $stub_sis_name"); } else { # Create SIS. - system ("makesis $pkgoutput $unsigned_sis_name"); + # The 'and' is because system uses 0 to indicate success. + system ("makesis $pkgoutput $unsigned_sis_name") and die ("makesis failed"); print("\n"); # Sign SIS with certificate info given as an argument. - system ("signsis $unsigned_sis_name $signed_sis_name $certificate $key $passphrase"); + my $relcert = File::Spec->abs2rel($certificate); + my $relkey = File::Spec->abs2rel($key); + # The 'and' is because system uses 0 to indicate success. + system ("signsis $unsigned_sis_name $signed_sis_name $relcert $relkey $passphrase") and die ("signsis failed"); # Check if creating signed SIS Succeeded stat($signed_sis_name); @@ -286,10 +300,10 @@ if($stub) { # Sign with additional certificates & keys for my $row ( @certificates ) { # Get certificate absolute file names, relative paths are relative to certfilepath - my $abscert = File::Spec->rel2abs( $row->[0], $certfilepath); - my $abskey = File::Spec->rel2abs( $row->[1], $certfilepath); + my $relcert = File::Spec->abs2rel(File::Spec->rel2abs( $row->[0], $certfilepath)); + my $relkey = File::Spec->abs2rel(File::Spec->rel2abs( $row->[1], $certfilepath)); - system ("signsis $signed_sis_name $signed_sis_name $abscert $abskey $row->[2]"); + system ("signsis $signed_sis_name $signed_sis_name $relcert $relkey $row->[2]"); print ("\tAdditionally signed the SIS with certificate: $row->[0]!\n"); } diff --git a/bin/patch_capabilities b/bin/patch_capabilities new file mode 100755 index 0000000..0d89622 --- /dev/null +++ b/bin/patch_capabilities @@ -0,0 +1,3 @@ +#!/bin/sh +scriptpath=`dirname $0` +perl $scriptpath/patch_capabilities.pl "$@" diff --git a/bin/patch_capabilities.pl b/bin/patch_capabilities.pl index f82c48f..4390957 100755 --- a/bin/patch_capabilities.pl +++ b/bin/patch_capabilities.pl @@ -50,14 +50,26 @@ sub Usage() { print("This script can be used to set capabilities of all binaries\n"); print("specified for deployment in a .pkg file.\n"); print("If no capabilities are given, the binaries will be given the\n"); - print("capabilities supported by self-signed certificates.\n"); - print("\n *** NOTE: If *_template.pkg file is given, 'target-platform' is REQUIRED. ***\n"); - print("\nUsage: patch_capabilities.pl pkg_filename <target-platform> [capability list]\n"); + print("capabilities supported by self-signed certificates.\n\n"); + print(" *** NOTE: If *_template.pkg file is given and one is using symbian-abld or\n"); + print(" symbian-sbsv2 platform, 'target-platform' is REQUIRED. ***\n"); + print("\nUsage: patch_capabilities.pl pkg_filename [target-platform [capability list]]\n"); print("\nE.g. patch_capabilities.pl myapp_template.pkg release-armv5 \"All -TCB\"\n"); exit(); } -my @capabilitiesToSet = ("LocalServices", "NetworkServices", "ReadUserData", "UserEnvironment", "WriteUserData"); +sub trim($) { + my $string = shift; + $string =~ s/^\s+//; + $string =~ s/\s+$//; + return $string; +} + +my $nullDevice = "/dev/null"; +$nullDevice = "NUL" if ($^O =~ /MSWin/); + +my @capabilitiesToAllow = ("LocalServices", "NetworkServices", "ReadUserData", "UserEnvironment", "WriteUserData"); +my @capabilitiesSpecified = (); # If arguments were given to the script, if (@ARGV) @@ -73,11 +85,16 @@ if (@ARGV) if (($pkgFileName =~ m|_template\.pkg$|i) && -r($pkgFileName)) { my $targetplatform; - unless ($targetplatform = shift(@ARGV)) + my $templateFile; + my $templateContents; + open($templateFile, "< $pkgFileName") or die ("Could not open $pkgFileName"); + $templateContents = <$templateFile>; + close($templateFile); + unless (($targetplatform = shift(@ARGV)) || $templateContents !~ /\$\(PLATFORM\)/) { Usage(); } - + $targetplatform = "-" if (!$targetplatform); my @tmpvalues = split('-', $targetplatform); $target = $tmpvalues[0]; $platform = $tmpvalues[1]; @@ -93,10 +110,10 @@ if (@ARGV) # If there are more arguments given, parse them as capabilities. if (@ARGV) { - @capabilitiesToSet = (); + @capabilitiesSpecified = (); while (@ARGV) { - push (@capabilitiesToSet, pop(@ARGV)); + push (@capabilitiesSpecified, pop(@ARGV)); } } @@ -174,7 +191,7 @@ if (@ARGV) my $destinationPath = $2; # If the given file is a binary, check the target and binary type (+ the actual filename) from its path. - if ($sourcePath =~ m:/epoc32/release/([^/]+)/(udeb|urel|\$\(TARGET\))/(\w+(\.dll|\.exe)):i) + if ($sourcePath =~ m:\w+(\.dll|\.exe)$:i) { # Do preprocessing for template pkg, # In case of template pkg target and platform variables are set @@ -197,23 +214,42 @@ if (@ARGV) print ("\n"); - my $baseCommandToExecute = "elftran -vid 0x0 -capability \""; - if (@capabilitiesToSet) - { - $baseCommandToExecute .= join(" ", @capabilitiesToSet); - } - $baseCommandToExecute .= "\" "; + my $baseCommandToExecute = "elftran -vid 0x0 -capability \"%s\" "; # Actually set the capabilities of the listed binaries. foreach my $binaryPath(@binaries) { # Create the command line for setting the capabilities. my $commandToExecute = $baseCommandToExecute; + if (@capabilitiesSpecified) + { + $commandToExecute = sprintf($baseCommandToExecute, join(" ", @capabilitiesSpecified)); + } else { + # Test which capabilities are present and then restrict them to the allowed set. + # This avoid raising the capabilities of apps that already have none. + my $dllCaps; + open($dllCaps, "elftran -dump s $binaryPath |") or die ("Could not execute elftran"); + my $capsFound = 0; + my @capabilitiesToSet; + my $capabilitiesToAllow = join(" ", @capabilitiesToAllow); + while (<$dllCaps>) { + if (!$capsFound) { + $capsFound = 1 if (/Capabilities:/); + } else { + $_ = trim($_); + if ($capabilitiesToAllow =~ /$_/) { + push(@capabilitiesToSet, $_); + } + } + } + close($dllCaps); + $commandToExecute = sprintf($baseCommandToExecute, join(" ", @capabilitiesToSet)); + } $commandToExecute .= $binaryPath; # Actually execute the elftran command to set the capabilities. - system ($commandToExecute." > NUL"); - print ("Executed ".$commandToExecute."\n"); + print ("Executing ".$commandToExecute."\n"); + system ($commandToExecute." > $nullDevice"); ## Create another command line to check that the set capabilities are correct. #$commandToExecute = "elftran -dump s ".$binaryPath; |