nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity
5c5879b99d
putty-source/sign.sh
Simon Tatham 5c5879b99d New Windows installer system, using WiX to build an MSI. 
Mostly this is a reaction to the reports of Inno Setup having a DLL
hijacking vulnerability. But also, the new installer has several other
nice features that our Inno Setup one didn't provide: it can put the
PuTTY install directory on PATH automatically, and it supports
completely automatic and silent install/uninstall via 'msiexec /q'
which should make it easier for sysadmins to roll out installation in
large organisations. Also, it just seems like good sense to be using
Windows's own native packaging system (or closest equivalent) rather
than going it alone.

(And on the developer side, I have to say I like the fact that WiX
lets me pass in the version number as a set of command-line #define-
equivalents, whereas for Inno Setup I had to have Buildscr apply Perl
rewriting to the source file.)

For the moment, I'm still building the old Inno Setup installer
alongside this one, but I expect to retire it once the WiX one has
survived in the wild for a while and proven itself more or less
stable.

I've found both MSI and WiX to be confusing and difficult
technologies, so this installer has some noticeable pieces missing
(e.g. retrospective reconfiguration of the installed feature set, and
per-user vs systemwide installation) simply because I couldn't get
them to work. I've commented the new installer source code heavily, in
the hope that a passing WiX expert can give me a hand!
2016-03-09 20:55:38 +00:00

36 lines
922 B
Bash
Executable File
Raw Blame History

#!/bin/sh
# Generate GPG signatures on a PuTTY release/snapshot directory as
# delivered by Buildscr.
# Usage: sh sign.sh [-r] <builddir>
# e.g. sh sign.sh putty (probably in the build.out directory)
# or sh sign.sh -r 0.60 (-r means use the release keys)
set -e
keyname=EEF20295D15F7E8A
if test "x$1" = "x-r"; then
shift
keyname=9DFE2648B43434E4
fi
sign() {
# Check for the prior existence of the signature, so we can
# re-run this script if it encounters an error part way
# through.
echo "----- Signing $2 with key '$keyname'"
test -f "$3" || \
gpg --load-extension=idea "$1" -u "$keyname" -o "$3" "$2"
}
cd "$1"
echo "===== Signing with key '$keyname'"
for i in putty*src.zip putty*.tar.gz x86/*.exe x86/*.zip x86/*.msi; do
sign --detach-sign "$i" "$i.gpg"
done
for i in md5sums sha1sums sha256sums sha512sums; do
sign --clearsign "$i" "$i.gpg"
done
Reference in New Issue View Git Blame Copy Permalink