From 596ea4b5c4e53b0a600ae3436bb49d5740821bd9 Mon Sep 17 00:00:00 2001 From: Miikka Heikkinen Date: Fri, 16 Apr 2010 15:01:37 +0300 Subject: Fixed automatic patching of self-signed packages - Don't autopatch when just preprocessing pkg or creating stub package - Copy binaries before patching so that originals are preserved. - Only autopatch the preprocessed file so that original template is preserved. - Added clear warning to patch_capabilities.pl to notify users that patched package is not suitable for distribution. Task-number: QTBUG-9972 Reviewed-by: Shane Kearns (cherry picked from commit 33aac2ca5b79afcb08c13c2b4092acfdb5056fdb) --- bin/createpackage.pl | 13 +++++++++---- bin/patch_capabilities.pl | 27 +++++++++++++++++++++------ 2 files changed, 30 insertions(+), 10 deletions(-) diff --git a/bin/createpackage.pl b/bin/createpackage.pl index 554d619..23fe26d 100755 --- a/bin/createpackage.pl +++ b/bin/createpackage.pl @@ -101,6 +101,10 @@ Example with certfile: If no certificate and key files are provided, either a RnD certificate or a self-signed certificate from QtDir\\src\\s60installs directory is used. +In the latter case the resulting package will also be automatically patched +using patch_capabilities.pl script, which makes it unsuitable for distribution. +Always specify certificates explicitly if you wish to distribute your package. + ============================================================================================== ENDUSAGESTRING @@ -237,10 +241,6 @@ if (!$preservePkgOutput) { } # Preprocess PKG -if ($certtext eq "Self Signed" && !@certificates) { - print("Patching capabilities for self signed package $certificate\n"); - system ("patch_capabilities $templatepkg $targetplatform"); -} local $/; # read template file @@ -277,6 +277,11 @@ if($stub) { # Create stub SIS. system ("makesis -s $pkgoutput $stub_sis_name"); } else { + if ($certtext eq "Self Signed" && !@certificates) { + print("Auto-patching capabilities for self signed package.\n"); + system ("patch_capabilities $pkgoutput"); + } + # Create SIS. # The 'and' is because system uses 0 to indicate success. system ("makesis $pkgoutput $unsigned_sis_name") and die ("makesis failed"); diff --git a/bin/patch_capabilities.pl b/bin/patch_capabilities.pl index 4390957..9741bc3 100755 --- a/bin/patch_capabilities.pl +++ b/bin/patch_capabilities.pl @@ -46,6 +46,8 @@ # ####################################################################### +use File::Copy; + sub Usage() { print("This script can be used to set capabilities of all binaries\n"); print("specified for deployment in a .pkg file.\n"); @@ -107,6 +109,9 @@ if (@ARGV) # If the specified ".pkg" file exists (and can be read), if (($pkgFileName =~ m|\.pkg$|i) && -r($pkgFileName)) { + print ("\n"); + print ("Patching package file and relevant binaries...\n"); + # If there are more arguments given, parse them as capabilities. if (@ARGV) { @@ -180,15 +185,10 @@ if (@ARGV) $manufacturerElseBlock = 0; } - print NEW_PKG $newLine; - - chomp ($line); - # If the line specifies a file, parse the source and destination locations. if ($line =~ m|\"([^\"]+)\"\s*\-\s*\"([^\"]+)\"|) { my $sourcePath = $1; - my $destinationPath = $2; # If the given file is a binary, check the target and binary type (+ the actual filename) from its path. if ($sourcePath =~ m:\w+(\.dll|\.exe)$:i) @@ -201,9 +201,22 @@ if (@ARGV) $sourcePath =~ s/\$\(TARGET\)/$target/gm; } - push (@binaries, $sourcePath); + # Change the source file name (but only if not already patched) + my $patchedSourcePath = $sourcePath; + if ($patchedSourcePath !~ m/_patched_caps/) + { + $newLine =~ s/(^.*)(\.dll|\.exe)(.*)(\.dll|\.exe)/$1_patched_caps$2$3$4/i; + $patchedSourcePath =~ s/(^.*)(\.dll|\.exe)/$1_patched_caps$2/i; + + copy($sourcePath, $patchedSourcePath) or die "$sourcePath cannot be copied for patching."; + } + push (@binaries, $patchedSourcePath); } } + + print NEW_PKG $newLine; + + chomp ($line); } close (PKG); @@ -256,6 +269,8 @@ if (@ARGV) } print ("\n"); + print ("NOTE: A patched package should not be used for distribution!\n"); + print ("\n"); } } else -- cgit v0.12