phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-25 18:53:23 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

guix: Apply all codesignatures to Windows binaries

Browse source
This commit is contained in:
Ava Chow 2024-12-02 17:18:11 -05:00
parent 51237e4418
commit ba67aa681e
1 changed files with 25 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
contrib/guix/libexec/codesign.sh
View file

@ -70,16 +70,34 @@ mkdir -p "$DISTSRC"
case "$HOST" in case "$HOST" in
*mingw*) *mingw*)
find "$PWD" -name "*-unsigned.exe" | while read -r infile; do # Apply detached codesignatures
infile_base="$(basename "$infile")" WORKDIR=".tmp"
mkdir -p ${WORKDIR}
# Codesigned *-unsigned.exe and output to OUTDIR cp -r --target-directory="${WORKDIR}" "unsigned/${DISTNAME}"
find "${WORKDIR}/${DISTNAME}" -name "*.exe" -type f -exec rm {} \;
find unsigned/ -name "*.exe" -type f | while read -r bin
do
bin_base="$(realpath --relative-to=unsigned/ "${bin}")"
mkdir -p "${WORKDIR}/$(dirname "${bin_base}")"
osslsigncode attach-signature \ osslsigncode attach-signature \
-in "$infile" \ -in "${bin}" \
-out "${OUTDIR}/${infile_base/-unsigned}" \ -out "${WORKDIR}/${bin_base/-unsigned}" \
-CAfile "$GUIX_ENVIRONMENT/etc/ssl/certs/ca-certificates.crt" \ -CAfile "$GUIX_ENVIRONMENT/etc/ssl/certs/ca-certificates.crt" \
-sigin codesignatures/win/"$infile_base".pem -sigin codesignatures/win/"${bin_base}".pem
done done
# Move installer to outdir
cd "${WORKDIR}"
find . -name "*setup.exe" -print0 \
| xargs -0r mv --target-directory="${OUTDIR}"
# Make .zip from binaries
find "${DISTNAME}" -print0 \
| xargs -0r touch --no-dereference --date="@${SOURCE_DATE_EPOCH}"
find "${DISTNAME}" \
| sort \
| zip -X@ "${OUTDIR}/${DISTNAME}-${HOST//x86_64-w64-mingw32/win64}.zip" \
|| ( rm -f "${OUTDIR}/${DISTNAME}-${HOST//x86_64-w64-mingw32/win64}.zip" && exit 1 )
;; ;;
*darwin*) *darwin*)
case "$HOST" in case "$HOST" in