Code-sign the Windows PuTTY binaries and installer.

Or, at least, potentially do so. The build script now has a slot into which code-signing can be dropped by setting a variable in the bob configuration to specify an appropriate command line. The variable will typically need to point at a script wrapping the actual signing tool, since there are lots of fiddly details (timestamping countersignature, certificate, private key, etc) not given on the command lines in this build script, on the basis that they're local configuration questions for whoever is _running_ this build script.
2025-01-09 17:38:00 +00:00 · 2015-12-11 06:47:20 +00:00 · 2015-12-11 06:47:20 +00:00 · d0e9630e1c
commit d0e9630e1c
parent 45d5aacbfa
1 changed files with 7 additions and 0 deletions
--- a/7
+++ b/7
@ -151,11 +151,18 @@ in putty do perl -i~ -pe 'y/\015//d;s/$$/\015/' LICENCE
 delegate windows
  # FIXME: Cygwin alternative?
  in putty/windows do/win vcvars32 && nmake -f Makefile.vc $(Makeargs)
+  # Code-sign the binaries, if the local bob config provides a script
+  # to do so. We assume here that the script accepts an -i option to
+  # provide a 'more info' URL, and an optional -n option to provide a
+  # program name, and that it can take multiple .exe filename
+  # arguments and sign them all in place.
+  ifneq "$(winsigncode)" "" in putty/windows do $(winsigncode) -i http://www.chiark.greenend.org.uk/~sgtatham/putty/ *.exe
  # Ignore exit code from hhc, in favour of seeing whether the .chm
  # file was created. (Yuck; but hhc appears to return non-zero
  # exit codes on whim.)
  in putty/doc do/win hhc putty.hhp & type putty.chm >nul
  in putty/windows do/win iscc putty.iss
+  ifneq "$(winsigncode)" "" in putty/windows do $(winsigncode) -i http://www.chiark.greenend.org.uk/~sgtatham/putty/ -n "PuTTY Installer" Output/setup.exe
  return putty/windows/*.exe
  return putty/windows/*.map
  return putty/doc/putty.chm