mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 18:07:59 +00:00
5c5879b99d
Mostly this is a reaction to the reports of Inno Setup having a DLL hijacking vulnerability. But also, the new installer has several other nice features that our Inno Setup one didn't provide: it can put the PuTTY install directory on PATH automatically, and it supports completely automatic and silent install/uninstall via 'msiexec /q' which should make it easier for sysadmins to roll out installation in large organisations. Also, it just seems like good sense to be using Windows's own native packaging system (or closest equivalent) rather than going it alone. (And on the developer side, I have to say I like the fact that WiX lets me pass in the version number as a set of command-line #define- equivalents, whereas for Inno Setup I had to have Buildscr apply Perl rewriting to the source file.) For the moment, I'm still building the old Inno Setup installer alongside this one, but I expect to retire it once the WiX one has survived in the wild for a while and proven itself more or less stable. I've found both MSI and WiX to be confusing and difficult technologies, so this installer has some noticeable pieces missing (e.g. retrospective reconfiguration of the installed feature set, and per-user vs systemwide installation) simply because I couldn't get them to work. I've commented the new installer source code heavily, in the hope that a passing WiX expert can give me a hand!
36 lines
922 B
Bash
Executable File
36 lines
922 B
Bash
Executable File
#!/bin/sh
|
|
|
|
# Generate GPG signatures on a PuTTY release/snapshot directory as
|
|
# delivered by Buildscr.
|
|
|
|
# Usage: sh sign.sh [-r] <builddir>
|
|
# e.g. sh sign.sh putty (probably in the build.out directory)
|
|
# or sh sign.sh -r 0.60 (-r means use the release keys)
|
|
|
|
set -e
|
|
|
|
keyname=EEF20295D15F7E8A
|
|
|
|
if test "x$1" = "x-r"; then
|
|
shift
|
|
keyname=9DFE2648B43434E4
|
|
fi
|
|
|
|
sign() {
|
|
# Check for the prior existence of the signature, so we can
|
|
# re-run this script if it encounters an error part way
|
|
# through.
|
|
echo "----- Signing $2 with key '$keyname'"
|
|
test -f "$3" || \
|
|
gpg --load-extension=idea "$1" -u "$keyname" -o "$3" "$2"
|
|
}
|
|
|
|
cd "$1"
|
|
echo "===== Signing with key '$keyname'"
|
|
for i in putty*src.zip putty*.tar.gz x86/*.exe x86/*.zip x86/*.msi; do
|
|
sign --detach-sign "$i" "$i.gpg"
|
|
done
|
|
for i in md5sums sha1sums sha256sums sha512sums; do
|
|
sign --clearsign "$i" "$i.gpg"
|
|
done
|