Skip to content

M
mariadb
Commit 8c9c2431 authored by Vladislav Vaintroub's avatar Vladislav Vaintroub
Browse files
Options

When using SIGNCODE parameter, check that signing of test executable reaööy works. 

If not,  write warning and disable signing

Also, set SIGNCODE in mysql_release build configuration.
parent c2e1fdf5
Hide whitespace changes
Inline Side-by-side
Showing with 25 additions and 2 deletions
cmake/build_configurations/mysql_release.cmake
View file @ 8c9c2431
...@@ -90,6 +90,11 @@ IF(NOT COMPILATION_COMMENT) ...@@ -90,6 +90,11 @@ IF(NOT COMPILATION_COMMENT)
SET(COMPILATION_COMMENT "MySQL Community Server (GPL)") SET(COMPILATION_COMMENT "MySQL Community Server (GPL)")
ENDIF() ENDIF()
IF(WIN32)
# Sign executables with authenticode certificate
SET(SIGNCODE 1 CACHE BOOL "")
ENDIF()
IF(UNIX) IF(UNIX)
SET(WITH_EXTRA_CHARSETS all CACHE STRING "") SET(WITH_EXTRA_CHARSETS all CACHE STRING "")
IF(EXISTS "${CMAKE_SOURCE_DIR}/COPYING") IF(EXISTS "${CMAKE_SOURCE_DIR}/COPYING")
......
cmake/install_macros.cmake
View file @ 8c9c2431
...@@ -85,6 +85,24 @@ IF(WIN32) ...@@ -85,6 +85,24 @@ IF(WIN32)
MESSAGE(FATAL_ERROR MESSAGE(FATAL_ERROR
"signtool is not found. Signing executables not possible") "signtool is not found. Signing executables not possible")
ENDIF() ENDIF()
IF(NOT DEFINED SIGNCODE_ENABLED)
FILE(WRITE ${CMAKE_CURRENT_BINARY_DIR}/testsign.c "int main(){return 0;}")
MAKE_DIRECTORY(${CMAKE_CURRENT_BINARY_DIR}/testsign)
TRY_COMPILE(RESULT ${CMAKE_CURRENT_BINARY_DIR}/testsign ${CMAKE_CURRENT_BINARY_DIR}/testsign.c
COPY_FILE ${CMAKE_CURRENT_BINARY_DIR}/testsign.exe
)
EXECUTE_PROCESS(COMMAND
${SIGNTOOL_EXECUTABLE} sign ${SIGNTOOL_PARAMETERS} ${CMAKE_CURRENT_BINARY_DIR}/testsign.exe
RESULT_VARIABLE ERR ERROR_QUIET OUTPUT_QUIET
)
IF(ERR EQUAL 0)
SET(SIGNCODE_ENABLED 1 CACHE INTERNAL "Can sign executables")
ELSE()
MESSAGE(STATUS "Disable authenticode signing for executables")
SET(SIGNCODE_ENABLED 0 CACHE INTERNAL "Invalid or missing certificate")
ENDIF()
ENDIF()
MARK_AS_ADVANCED(SIGNTOOL_EXECUTABLE SIGNTOOL_PARAMETERS) MARK_AS_ADVANCED(SIGNTOOL_EXECUTABLE SIGNTOOL_PARAMETERS)
ENDIF() ENDIF()
ENDIF() ENDIF()
...@@ -100,7 +118,7 @@ MACRO(SIGN_TARGET target) ...@@ -100,7 +118,7 @@ MACRO(SIGN_TARGET target)
INSTALL(CODE INSTALL(CODE
"EXECUTE_PROCESS(COMMAND "EXECUTE_PROCESS(COMMAND
${SIGNTOOL_EXECUTABLE} sign ${SIGNTOOL_PARAMETERS} ${target_location} ${SIGNTOOL_EXECUTABLE} sign ${SIGNTOOL_PARAMETERS} ${target_location}
ERROR_VARIABLE ERR) RESULT_VARIABLE ERR)
IF(NOT \${ERR} EQUAL 0) IF(NOT \${ERR} EQUAL 0)
MESSAGE(FATAL_ERROR \"Error signing ${target_location}\") MESSAGE(FATAL_ERROR \"Error signing ${target_location}\")
ENDIF() ENDIF()
...@@ -131,7 +149,7 @@ FUNCTION(MYSQL_INSTALL_TARGETS) ...@@ -131,7 +149,7 @@ FUNCTION(MYSQL_INSTALL_TARGETS)
# If signing is required, sign executables before installing # If signing is required, sign executables before installing
FOREACH(target ${TARGETS}) FOREACH(target ${TARGETS})
IF(SIGNCODE) IF(SIGNCODE AND SIGNCODE_ENABLED)
SIGN_TARGET(${target}) SIGN_TARGET(${target})
ENDIF() ENDIF()
ADD_VERSION_INFO(${target}) ADD_VERSION_INFO(${target})
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7