1cdf0e10cSrcweir: 2cdf0e10cSrcweireval 'exec perl -wS $0 ${1+"$@"}' 3cdf0e10cSrcweir if 0; 4*7e90fac2SAndrew Rist#************************************************************** 5*7e90fac2SAndrew Rist# 6*7e90fac2SAndrew Rist# Licensed to the Apache Software Foundation (ASF) under one 7*7e90fac2SAndrew Rist# or more contributor license agreements. See the NOTICE file 8*7e90fac2SAndrew Rist# distributed with this work for additional information 9*7e90fac2SAndrew Rist# regarding copyright ownership. The ASF licenses this file 10*7e90fac2SAndrew Rist# to you under the Apache License, Version 2.0 (the 11*7e90fac2SAndrew Rist# "License"); you may not use this file except in compliance 12*7e90fac2SAndrew Rist# with the License. You may obtain a copy of the License at 13*7e90fac2SAndrew Rist# 14*7e90fac2SAndrew Rist# http://www.apache.org/licenses/LICENSE-2.0 15*7e90fac2SAndrew Rist# 16*7e90fac2SAndrew Rist# Unless required by applicable law or agreed to in writing, 17*7e90fac2SAndrew Rist# software distributed under the License is distributed on an 18*7e90fac2SAndrew Rist# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 19*7e90fac2SAndrew Rist# KIND, either express or implied. See the License for the 20*7e90fac2SAndrew Rist# specific language governing permissions and limitations 21*7e90fac2SAndrew Rist# under the License. 22*7e90fac2SAndrew Rist# 23*7e90fac2SAndrew Rist#************************************************************** 24*7e90fac2SAndrew Rist 25*7e90fac2SAndrew Rist 26cdf0e10cSrcweir 27cdf0e10cSrcweiruse strict; 28cdf0e10cSrcweiruse Getopt::Long; 29cdf0e10cSrcweir 30cdf0e10cSrcweirmy $debug = 0; 31cdf0e10cSrcweirmy $max_files = 20; # sign $max_files with one command line 32cdf0e10cSrcweir 33cdf0e10cSrcweir#### globals ##### 34cdf0e10cSrcweirmy $myname = ""; 35cdf0e10cSrcweirmy $opt_dir = ""; 36cdf0e10cSrcweirmy $opt_exclude = ""; # file with a list of not signable dll and exe files 37cdf0e10cSrcweirmy $opt_verbose = 0; 38cdf0e10cSrcweirmy $opt_help = 0; 39cdf0e10cSrcweirmy $opt_log = ""; # for logging 40cdf0e10cSrcweirmy $opt_pass = ""; # password for signing 41cdf0e10cSrcweirmy $opt_pfxfile = ""; # Personal Information Exchange file 42cdf0e10cSrcweirmy $opt_timestamp_url = ""; # timestamp url 43cdf0e10cSrcweirmy %exclude_files = (); # list of not signable dll and exe files 44cdf0e10cSrcweirmy $signtool = "signtool.exe sign"; 45cdf0e10cSrcweirmy @args = (); 46cdf0e10cSrcweirmy @files_to_sign = (); 47cdf0e10cSrcweir 48cdf0e10cSrcweir#### main ##### 49cdf0e10cSrcweir$myname = script_id(); 50cdf0e10cSrcweirif ( $#ARGV < 2 ) { 51cdf0e10cSrcweir usage(); 52cdf0e10cSrcweir exit(1); 53cdf0e10cSrcweir} 54cdf0e10cSrcweir@args = parse_options(); 55cdf0e10cSrcweirget_exclude_files(); 56cdf0e10cSrcweir@files_to_sign = get_files(\@args); 57cdf0e10cSrcweirif ( $opt_log ) { # logging 58cdf0e10cSrcweir open(LOG,">$opt_log") || die "Can't open log file $opt_log\n"; 59cdf0e10cSrcweir} 60cdf0e10cSrcweirsign_files(\@files_to_sign); 61cdf0e10cSrcweirclose LOG if ($opt_log); # logging 62cdf0e10cSrcweirexit 0; 63cdf0e10cSrcweir 64cdf0e10cSrcweir 65cdf0e10cSrcweir#### subroutines #### 66cdf0e10cSrcweir 67cdf0e10cSrcweirsub script_id 68cdf0e10cSrcweir{ 69cdf0e10cSrcweir ( my $script_name = $0 ) =~ s/^.*[\\\/]([\w\.]+)$/$1/; 70cdf0e10cSrcweir 71cdf0e10cSrcweir my $script_rev; 72cdf0e10cSrcweir my $id_str = ' $Revision$ '; 73cdf0e10cSrcweir $id_str =~ /Revision:\s+(\S+)\s+\$/ 74cdf0e10cSrcweir ? ($script_rev = $1) : ($script_rev = "-"); 75cdf0e10cSrcweir# print "\n$script_name -- version: $script_rev\n"; 76cdf0e10cSrcweir return $script_name; 77cdf0e10cSrcweir} 78cdf0e10cSrcweir 79cdf0e10cSrcweir############################################################################ 80cdf0e10cSrcweirsub parse_options #09.07.2007 08:13 81cdf0e10cSrcweir############################################################################ 82cdf0e10cSrcweir{ 83cdf0e10cSrcweir # e exclude list file 84cdf0e10cSrcweir # v verbose 85cdf0e10cSrcweir my $success = GetOptions('h' => \$opt_help, 86cdf0e10cSrcweir 'd=s' => \$opt_dir, 'e=s'=>\$opt_exclude, 'f=s'=>\$opt_pfxfile, 'l=s'=>\$opt_log, 87cdf0e10cSrcweir 'p=s'=>\$opt_pass,'v'=>\$opt_verbose, 't=s'=>\$opt_timestamp_url); 88cdf0e10cSrcweir if ( !$success || $opt_help ) { 89cdf0e10cSrcweir usage(); 90cdf0e10cSrcweir exit(1); 91cdf0e10cSrcweir } 92cdf0e10cSrcweir if ( !$opt_exclude || !$opt_pfxfile || !$opt_pass || !$opt_timestamp_url) { 93cdf0e10cSrcweir print "ERROR: Parameter missing!\n!"; 94cdf0e10cSrcweir usage(); 95cdf0e10cSrcweir exit(1); 96cdf0e10cSrcweir } 97cdf0e10cSrcweir return @ARGV; 98cdf0e10cSrcweir} ##parse_options 99cdf0e10cSrcweir 100cdf0e10cSrcweir############################################################################ 101cdf0e10cSrcweirsub get_exclude_files #09.07.2007 10:12 102cdf0e10cSrcweir############################################################################ 103cdf0e10cSrcweir{ 104cdf0e10cSrcweir if ( -e $opt_exclude ) { 105cdf0e10cSrcweir # get data from cache file 106cdf0e10cSrcweir open( IN, "<$opt_exclude") || die "Can't open exclude file $opt_exclude\n"; 107cdf0e10cSrcweir while ( my $line = <IN> ) { 108cdf0e10cSrcweir chomp($line); 109cdf0e10cSrcweir $exclude_files{$line} = 1; # fill hash 110cdf0e10cSrcweir print "$line - $exclude_files{$line}\n" if ($debug); 111cdf0e10cSrcweir } 112cdf0e10cSrcweir } else 113cdf0e10cSrcweir { 114cdf0e10cSrcweir print_error("Can't open $opt_exclude file!\n"); 115cdf0e10cSrcweir } 116cdf0e10cSrcweir} ##get_exclude_files 117cdf0e10cSrcweir 118cdf0e10cSrcweir############################################################################ 119cdf0e10cSrcweirsub get_files #10.07.2007 10:19 120cdf0e10cSrcweir############################################################################ 121cdf0e10cSrcweir { 122cdf0e10cSrcweir use File::Basename; 123cdf0e10cSrcweir my $target = shift; 124cdf0e10cSrcweir my $file_pattern; 125cdf0e10cSrcweir my $file; 126cdf0e10cSrcweir my @files = (); 127cdf0e10cSrcweir print "\n"; 128cdf0e10cSrcweir foreach $file_pattern ( @$target ) 129cdf0e10cSrcweir { 130cdf0e10cSrcweir print "Files: $file_pattern\n"; 131cdf0e10cSrcweir foreach $file ( glob( $file_pattern ) ) 132cdf0e10cSrcweir { 133cdf0e10cSrcweir my $lib = File::Basename::basename $file; 134cdf0e10cSrcweir if ( ! $exclude_files{$lib} ) { 135cdf0e10cSrcweir push @files,$file; 136cdf0e10cSrcweir } 137cdf0e10cSrcweir else 138cdf0e10cSrcweir { 139cdf0e10cSrcweir print "exclude=$lib\n" if ($opt_verbose); 140cdf0e10cSrcweir } 141cdf0e10cSrcweir } 142cdf0e10cSrcweir } 143cdf0e10cSrcweir print "\n"; 144cdf0e10cSrcweir return @files; 145cdf0e10cSrcweir} ##get_files 146cdf0e10cSrcweir 147cdf0e10cSrcweir############################################################################ 148cdf0e10cSrcweirsub sign_files #09.07.2007 10:36 149cdf0e10cSrcweir############################################################################ 150cdf0e10cSrcweir{ 151cdf0e10cSrcweir my $files_to_sign = shift; 152cdf0e10cSrcweir my $commandline_base = ""; # contains whole stuff without the file name 153cdf0e10cSrcweir my $file = ""; 154cdf0e10cSrcweir my $result = ""; 155cdf0e10cSrcweir 156cdf0e10cSrcweir print_error("Can't open PFX file: $opt_pfxfile\n") if ( ! -e $opt_pfxfile ); 157cdf0e10cSrcweir print_error("Password is empty\n") if ( !$opt_pass ); 158cdf0e10cSrcweir if ( $opt_pass =~ /\.exe$/ ) { 159cdf0e10cSrcweir # get password by tool 160cdf0e10cSrcweir open(PIPE, "$opt_pass 2>&1 |") || die "Can't open PIPE!\n"; 161cdf0e10cSrcweir my $pass = <PIPE>; 162cdf0e10cSrcweir close PIPE; 163cdf0e10cSrcweir print_error("Can't get password!\n") if ( !$pass ); # exit here 164cdf0e10cSrcweir $opt_pass = $pass; 165cdf0e10cSrcweir } 166cdf0e10cSrcweir $signtool .= " -v" if ($opt_verbose); 167cdf0e10cSrcweir $commandline_base = $signtool . " " . "-f $opt_pfxfile -p $opt_pass -t $opt_timestamp_url"; 168cdf0e10cSrcweir 169cdf0e10cSrcweir # Here switch between: 170cdf0e10cSrcweir # one command line for muliple files (all doesn't work, too much) / for each file one command line 171cdf0e10cSrcweir if ( $max_files > 1 ) { 172cdf0e10cSrcweir exec_multi_sign($files_to_sign, $commandline_base); 173cdf0e10cSrcweir } else 174cdf0e10cSrcweir { 175cdf0e10cSrcweir exec_single_sign($files_to_sign, $commandline_base); 176cdf0e10cSrcweir } 177cdf0e10cSrcweir} ##sign_files 178cdf0e10cSrcweir 179cdf0e10cSrcweir############################################################################ 180cdf0e10cSrcweirsub exec_single_sign #11.07.2007 09:05 181cdf0e10cSrcweir############################################################################ 182cdf0e10cSrcweir{ 183cdf0e10cSrcweir my $files_to_sign = shift; 184cdf0e10cSrcweir my $commandline_base = shift; # contains whole stuff without the file name 185cdf0e10cSrcweir my $file = ""; 186cdf0e10cSrcweir my $commandline = ""; 187cdf0e10cSrcweir 188cdf0e10cSrcweir foreach $file (@$files_to_sign) 189cdf0e10cSrcweir { 190cdf0e10cSrcweir $commandline = $commandline_base . " $file"; 191cdf0e10cSrcweir print "$commandline\n" if ($debug); 192cdf0e10cSrcweir execute($commandline); 193cdf0e10cSrcweir } #foreach 194cdf0e10cSrcweir} ##exec_single_sign 195cdf0e10cSrcweir 196cdf0e10cSrcweir############################################################################ 197cdf0e10cSrcweirsub exec_multi_sign #11.07.2007 08:56 198cdf0e10cSrcweir############################################################################ 199cdf0e10cSrcweir { 200cdf0e10cSrcweir # sign multiple file with one command line 201cdf0e10cSrcweir my $files_to_sign = shift; 202cdf0e10cSrcweir my $commandline_base = shift; # contains whole stuff without the file name 203cdf0e10cSrcweir my $commandline = $commandline_base; # contains stuff which will be executed 204cdf0e10cSrcweir my $file = ""; 205cdf0e10cSrcweir my $counter = 0; 206cdf0e10cSrcweir 207cdf0e10cSrcweir foreach $file (@$files_to_sign) 208cdf0e10cSrcweir { 209cdf0e10cSrcweir $commandline .= " $file"; 210cdf0e10cSrcweir ++$counter; 211cdf0e10cSrcweir if ( $counter >= $max_files ) { 212cdf0e10cSrcweir execute($commandline); 213cdf0e10cSrcweir $counter = 0; # reset counter 214cdf0e10cSrcweir $commandline = $commandline_base; # reset command line 215cdf0e10cSrcweir } 216cdf0e10cSrcweir } 217cdf0e10cSrcweir execute($commandline) if ($counter > 0); 218cdf0e10cSrcweir} ##exec_multi_sign 219cdf0e10cSrcweir 220cdf0e10cSrcweir############################################################################ 221cdf0e10cSrcweirsub execute #11.07.2007 10:02 222cdf0e10cSrcweir############################################################################ 223cdf0e10cSrcweir{ 224cdf0e10cSrcweir my $commandline = shift; 225cdf0e10cSrcweir my $result = ""; 226cdf0e10cSrcweir 227cdf0e10cSrcweir print "$commandline\n" if ($debug); 228cdf0e10cSrcweir open(PIPE, "$commandline 2>&1 |") || die "Error: Cant open pipe!\n"; 229cdf0e10cSrcweir while ( $result = <PIPE> ) { 230cdf0e10cSrcweir print LOG "$result" if ($opt_log); # logging 231cdf0e10cSrcweir if ( $result =~ /SignTool Error\:/ ) { 232cdf0e10cSrcweir close PIPE; 233cdf0e10cSrcweir print_error( "$result\n" ); 234cdf0e10cSrcweir } # if error 235cdf0e10cSrcweir } # while 236cdf0e10cSrcweir close PIPE; 237cdf0e10cSrcweir} ##execute 238cdf0e10cSrcweir 239cdf0e10cSrcweir############################################################################ 240cdf0e10cSrcweirsub print_error #09.07.2007 11:21 241cdf0e10cSrcweir############################################################################ 242cdf0e10cSrcweir { 243cdf0e10cSrcweir my $text = shift; 244cdf0e10cSrcweir print "ERROR: $text\n"; 245cdf0e10cSrcweir print LOG "ERROR: $text\n" if ($opt_log); # logging 246cdf0e10cSrcweir close LOG if ($opt_log); # logging 247cdf0e10cSrcweir exit(1); 248cdf0e10cSrcweir} ##print_error 249cdf0e10cSrcweir 250cdf0e10cSrcweir############################################################################ 251cdf0e10cSrcweirsub usage #09.07.2007 08:39 252cdf0e10cSrcweir############################################################################ 253cdf0e10cSrcweir { 254cdf0e10cSrcweir print "Usage:\t $myname <-e filename> <-f filename> <-p password> <-t timestamp> [-l filename] [-v] <file[list]> \n"; 255cdf0e10cSrcweir print "Options:\n"; 256cdf0e10cSrcweir print "\t -e filename\t\t\tFile which contains a list of files which don't have to be signed.\n"; 257cdf0e10cSrcweir print "Mandatory.\n"; 258cdf0e10cSrcweir print "\t -f pfx_filename\t\t\"Personal Information Exchange\" file. "; 259cdf0e10cSrcweir print "Mandatory.\n"; 260cdf0e10cSrcweir print "\t -p password\t\t\tPassword for \"Personal Information Exchange\" file. Mandatory.\n"; 261cdf0e10cSrcweir print "\t -t timestamp\t\t\tTimestamp URL e.g. \"http://timestamp.verisign.com/scripts/timstamp.dll\"\n"; 262cdf0e10cSrcweir print "\t\t\t\t\tMandatory.\n"; 263cdf0e10cSrcweir print "\t -l log_filename\t\tFile for logging.\n"; 264cdf0e10cSrcweir print "\t -v\t\t\t\tVerbose.\n"; 265cdf0e10cSrcweir} ##usage 266cdf0e10cSrcweir 267cdf0e10cSrcweir 268cdf0e10cSrcweir 269cdf0e10cSrcweir 270