[tomcat] 02/02: Enable detached signatures for Windows installer

[ma...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6fdd953b149fd4e12b250dcf980f15b96527f3fb
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Mar 23 12:56:57 2022 +0000

    Enable detached signatures for Windows installer
---
 build.xml | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index 83fdcdb4e2..6fdc88cab4 100644
--- a/build.xml
+++ b/build.xml
@@ -2456,8 +2456,13 @@ skip.installer property in build.properties" />
         <include name="*.bmp" />
         <include name="*.ico" />
         <include name="*.xml" />
+        <include name="Uninstall.exe.sig" />
       </fileset>
     </copy>
+    <copy file="res/install-win/tomcat-installer.exe.sig"
+        tofile="${tomcat.release}/v${version}/bin/${final.name}.exe.sig"
+        failonerror="false"
+        quiet="true" />
     <copy file="${nsis.installoptions.dll}" todir="${tomcat.dist}" />
     <copy file="${nsis.nsexec.dll}" todir="${tomcat.dist}" />
     <copy file="${nsis.nsisdl.dll}" todir="${tomcat.dist}" />
@@ -2510,12 +2515,18 @@ skip.installer property in build.properties" />
   <target name="-installer-sign-uninstaller"
       unless="skip.installer" depends="-installer-create-uninstaller,setup-jsign"
       if="${do.codesigning}">
+    <!-- If the detached signature doesn't exist, this will sign the file    -->
+    <!-- and create the detached signature. If the detached signature does   -->
+    <!-- exist it will be attached to the file.                              -->
     <jsign file="${tomcat.dist}/Uninstall.exe"
         storepass="${codesigning.storepass}"
         storetype="${codesigning.storetype}"
         alias="${codesigning.alias}"
         alg="${codesigning.digest}"
-        tsaurl="http://timestamp.digicert.com"/>
+        tsaurl="http://timestamp.digicert.com"
+        detached="true"/>
+    <!-- Copy detached signature to source tree -->
+    <copy file="${tomcat.dist}/Uninstall.exe.sig" todir="res/install-win"/>
     <!-- Reproducible builds: consistent timestamps for installer files -->
     <touch datetime="${tstamp.file}" pattern="yyyy-MM-dd HH:mm:ss">
       <fileset dir="${tomcat.dist}"/>
@@ -2547,7 +2558,12 @@ skip.installer property in build.properties" />
         storetype="${codesigning.storetype}"
         alias="${codesigning.alias}"
         alg="${codesigning.digest}"
-        tsaurl="http://timestamp.digicert.com"/>
+        tsaurl="http://timestamp.digicert.com"
+        detached="true" />
+    <!-- Copy detached signature to source tree -->
+    <copy file="${tomcat.release}/v${version}/bin/${final.name}.exe.sig"
+        tofile="res/install-win/tomcat-installer.exe.sig"/>
+    <delete file="${tomcat.release}/v${version}/bin/${final.name}.exe.sig" />
     <!-- .exe has changed so need to redo checksums and OpenPGP signature -->
     <delete file="${tomcat.release}/v${version}/bin/${final.name}.exe.asc" />
     <delete file="${tomcat.release}/v${version}/bin/${final.name}.exe.sha512" />


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org