summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2016-08-02 14:22:43 (GMT)
committerKevin Smith <kevin.smith@isode.com>2016-08-03 09:38:23 (GMT)
commitcc83a29121707f51a7eb8ff11c7eee7a7a575acf (patch)
tree6b83f9ebed26e27050b4a45a991ddfbf3cf4decf /BuildTools/SCons
parent331c6d2570b76f126491e9c955963879c5a76a54 (diff)
downloadswift-cc83a29121707f51a7eb8ff11c7eee7a7a575acf.zip
swift-cc83a29121707f51a7eb8ff11c7eee7a7a575acf.tar.bz2
Add support for signing the resulting MSI installer on Windows
Test-Information: Created a custom CA and added it as trusted to the system. Created a signing certificate and passed it to scons as described. The resulting installer does not show a red UAC dialog anymore during installation. Instead the publisher from the certificate is shown in a blue UAC dialog. Change-Id: Ie4043520f6d45ec2e7aad712441a928cb423b0de
Diffstat (limited to 'BuildTools/SCons')
-rw-r--r--BuildTools/SCons/SConscript.boot8
1 files changed, 8 insertions, 0 deletions
diff --git a/BuildTools/SCons/SConscript.boot b/BuildTools/SCons/SConscript.boot
index f845159..597690d 100644
--- a/BuildTools/SCons/SConscript.boot
+++ b/BuildTools/SCons/SConscript.boot
@@ -104,7 +104,12 @@ vars.Add(BoolVariable("unbound", "Build bundled ldns and unbound. Use them for D
vars.Add(BoolVariable("check_headers", "Independently build compilation units for all Swiften headers for detecting missing dependencies.", "no"))
vars.Add("win_target_arch", "Target architecture for Windows builds. x86 for 32-bit (default) or x86_64 for 64-bit.", "x86")
vars.Add(BoolVariable("install_git_hooks", "Install git hooks", "true"))
+
+# Code Signing Options
vars.Add("codesign_identity", "macOS code signing identity to be passed to codesign when building the distribution package. Must match the Commen Name of the Subject of the code signing certificate.", "")
+vars.Add("signtool_key_pfx", "The keyfile (.pfx) that will be used to sign the Windows installer.", None)
+vars.Add("signtool_timestamp_url", "The timestamp server that will be queried for a signed time stamp in the signing process.", None)
+
################################################################################
# Set up default build & configure environment
@@ -374,6 +379,9 @@ if env["PLATFORM"] == "hpux" :
# Code signing
if env["PLATFORM"] == "darwin" :
env["CODE_SIGN_IDENTITY"] = env["codesign_identity"]
+if env["PLATFORM"] == "win32" :
+ env["SIGNTOOL_KEY_PFX"] = env.get("signtool_key_pfx", None)
+ env["SIGNTOOL_TIMESTAMP_URL"] = env.get("signtool_timestamp_url", None)
# Testing
env["TEST_TYPE"] = env["test"]