From 35ea73f76cf3ebea58cad0455e8ec3ed2adbfa42 Mon Sep 17 00:00:00 2001 From: Tres Finocchiaro Date: Wed, 8 Apr 2020 17:05:18 -0400 Subject: [PATCH] AuthentiCode sign launcher, uninstaller (#614) * Sign uninstall.exe, qz-tray.exe * Cleanup and organize ant build scripts Co-authored-by: Berenz --- ant/apple/installer.xml | 193 ++++++++++ ant/javafx.xml | 70 ++-- ant/lib/slim-icu.py | 23 +- ant/linux/installer.xml | 45 +++ ant/signing.xml | 51 +++ ant/version.xml | 28 ++ ant/windows/installer.xml | 111 ++++++ ant/windows/nsis/Include/FindJava.nsh | 2 +- ant/windows/nsis/Include/SetTitleBar.nsh | 5 + ant/windows/nsis/Include/StrRep.nsh | 10 +- ant/windows/windows-installer.nsi.in | 32 +- ant/windows/windows-launcher.nsi.in | 2 +- ant/windows/windows-uninstaller.nsi.in | 110 ++++++ build.xml | 457 +++-------------------- src/qz/installer/WindowsInstaller.java | 4 +- 15 files changed, 654 insertions(+), 489 deletions(-) create mode 100644 ant/apple/installer.xml create mode 100644 ant/linux/installer.xml create mode 100644 ant/signing.xml create mode 100644 ant/version.xml create mode 100644 ant/windows/installer.xml create mode 100644 ant/windows/nsis/Include/SetTitleBar.nsh create mode 100644 ant/windows/windows-uninstaller.nsi.in diff --git a/ant/apple/installer.xml b/ant/apple/installer.xml new file mode 100644 index 000000000..3ddd5258c --- /dev/null +++ b/ant/apple/installer.xml @@ -0,0 +1,193 @@ + + + + + + + + + + + Creating installer using pkgbuild + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ant/javafx.xml b/ant/javafx.xml index 0970f47b4..7e0dfb8c0 100644 --- a/ant/javafx.xml +++ b/ant/javafx.xml @@ -1,4 +1,6 @@ + + @@ -6,24 +8,26 @@ - Windows: - current.platform.windows=${current.platform.windows} - target.platform.windows=${target.platform.windows} - javafx.windows.needed=${javafx.windows.needed} - javafx.windows.found=${javafx.windows.found} (before download) - - Mac: - current.platform.mac=${current.platform.mac} - target.platform.mac=${target.platform.mac} - javafx.mac.needed=${javafx.mac.needed} - javafx.mac.found=${javafx.mac.found} (before download) - - Linux: - current.platform.linux=${current.platform.linux} - target.platform.linux=${target.platform.linux} - javafx.linux.needed=${javafx.linux.needed} - javafx.linux.found=${javafx.linux.found} (before download) - + + Windows: + current.platform.windows=${current.platform.windows} + target.platform.windows=${target.platform.windows} + javafx.windows.needed=${javafx.windows.needed} + javafx.windows.found=${javafx.windows.found} (before download) + + Mac: + current.platform.mac=${current.platform.mac} + target.platform.mac=${target.platform.mac} + javafx.mac.needed=${javafx.mac.needed} + javafx.mac.found=${javafx.mac.found} (before download) + + Linux: + current.platform.linux=${current.platform.linux} + target.platform.linux=${target.platform.linux} + javafx.linux.needed=${javafx.linux.needed} + javafx.linux.found=${javafx.linux.found} (before download) + + @@ -64,6 +68,7 @@ + @@ -110,7 +115,7 @@ - + @@ -137,7 +142,7 @@ - javafx.current.extension=${javafx.current.extension} + javafx.current.extension=${javafx.current.extension} @@ -157,7 +162,7 @@ - javafx.target.extension=${javafx.target.extension} + javafx.target.extension=${javafx.target.extension} @@ -166,8 +171,9 @@ - - + + + Removing non-${javafx.target.extension} files @@ -192,29 +198,29 @@ - - + + + - - - + + + - - - + + + - \ No newline at end of file diff --git a/ant/lib/slim-icu.py b/ant/lib/slim-icu.py index ca109ac12..1bd9e357f 100644 --- a/ant/lib/slim-icu.py +++ b/ant/lib/slim-icu.py @@ -1,7 +1,22 @@ -# Download icu4j source code, build using ant, -# it will generate icu4j.jar and icu4j-charset.jar -# Run slim-icu.py to generate slim version -# Currently this script will only keep Arabic and English data +# 2018 Yohanes Nugroho (@yohanes) +# +# 1. Download icu4j source code, build using ant. +# It will generate icu4j.jar and icu4j-charset.jar +# +# 2. Run slim-icu.py to generate slim version. +# +# To invoke from ant, add python to $PATH +# and add the following to build.xml: +# +# +# +# +# +# +# +# ... then call: ant distill-icu +# +# 3. Overwrite files in lib/charsets/ # slim ICU import sys diff --git a/ant/linux/installer.xml b/ant/linux/installer.xml new file mode 100644 index 000000000..caeff7ec9 --- /dev/null +++ b/ant/linux/installer.xml @@ -0,0 +1,45 @@ + + + + + + + + + + Creating installer using makeself + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ant/signing.xml b/ant/signing.xml new file mode 100644 index 000000000..c0fbe0699 --- /dev/null +++ b/ant/signing.xml @@ -0,0 +1,51 @@ + + + + + + + + + + + + + + + + + + + + Signing jar with timestamp: ${sign.jar.file} + + + + + Self-signing jar without timestamp: ${sign.jar.file} + + + + + + + + No tsaurl was provided so the file was not timestamped. Users will not be able to validate + this file after the signer certificate's expiration date or after any future revocation date. + + + + \ No newline at end of file diff --git a/ant/version.xml b/ant/version.xml new file mode 100644 index 000000000..355c9f295 --- /dev/null +++ b/ant/version.xml @@ -0,0 +1,28 @@ + + + + + + + + + + + + + + + + + + + + + + + + Version : ${build.version}${build.type} + Bundle Id : ${apple.bundleid} + + + \ No newline at end of file diff --git a/ant/windows/installer.xml b/ant/windows/installer.xml new file mode 100644 index 000000000..27dd05484 --- /dev/null +++ b/ant/windows/installer.xml @@ -0,0 +1,111 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Creating ${nsis.outfile} using ${nsisbin} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Signing exe with timestamp: ${sign.exe.file} + + + + + + Signing exe without timestamp: ${sign.exe.file} + + + + diff --git a/ant/windows/nsis/Include/FindJava.nsh b/ant/windows/nsis/Include/FindJava.nsh index 92ebff090..72adcfc51 100644 --- a/ant/windows/nsis/Include/FindJava.nsh +++ b/ant/windows/nsis/Include/FindJava.nsh @@ -85,4 +85,4 @@ Var /GLOBAL javaw ; Allows registering identical functions for install and uninstall !insertmacro _FindJava "" -!insertmacro _FindJava "un." \ No newline at end of file +;!insertmacro _FindJava "un." \ No newline at end of file diff --git a/ant/windows/nsis/Include/SetTitleBar.nsh b/ant/windows/nsis/Include/SetTitleBar.nsh new file mode 100644 index 000000000..c42dc3449 --- /dev/null +++ b/ant/windows/nsis/Include/SetTitleBar.nsh @@ -0,0 +1,5 @@ +; Allow title masquerading +!define SetTitleBar "!insertmacro SetTitleBar" +!macro SetTitlebar title + SendMessage $HWNDPARENT ${WM_SETTEXT} 0 "STR:${title}" +!macroend \ No newline at end of file diff --git a/ant/windows/nsis/Include/StrRep.nsh b/ant/windows/nsis/Include/StrRep.nsh index 7286b7c45..57d1f3a7a 100644 --- a/ant/windows/nsis/Include/StrRep.nsh +++ b/ant/windows/nsis/Include/StrRep.nsh @@ -3,11 +3,11 @@ Push `${string}` Push `${old}` Push `${new}` - !ifdef __UNINSTALL__ - Call un.StrRep - !else + ;!ifdef __UNINSTALL__ + ; Call un.StrRep + ;!else Call StrRep - !endif + ;!endif Pop ${output} !macroend @@ -63,4 +63,4 @@ FunctionEnd !macroend !insertmacro Func_StrRep "" -!insertmacro Func_StrRep "un." \ No newline at end of file +;!insertmacro Func_StrRep "un." \ No newline at end of file diff --git a/ant/windows/windows-installer.nsi.in b/ant/windows/windows-installer.nsi.in index b7e8ad002..d1428c6e8 100644 --- a/ant/windows/windows-installer.nsi.in +++ b/ant/windows/windows-installer.nsi.in @@ -11,18 +11,15 @@ !include FindJava.nsh !include StdUtils.nsh - Name "${project.name}" -OutFile "${out.dir}/${project.filename}${build.type}-${build.version}.exe" +OutFile "${nsis.outfile}" RequestExecutionLevel admin !define MUI_ICON "${basedir}/assets/branding/windows-icon.ico" ; Branding for qz only !if "${project.filename}" == "qz-tray" - !define MUI_UNICON "${basedir}/ant/windows/nsis/uninstall.ico" !define MUI_WELCOMEFINISHPAGE_BITMAP "${basedir}\ant\windows\nsis\welcome.bmp" - !define MUI_UNWELCOMEFINISHPAGE_BITMAP "${basedir}\ant\windows\nsis\welcome.bmp" !endif !insertmacro MUI_PAGE_WELCOME @@ -80,9 +77,7 @@ Section Call FindJava !insertmacro VerifyJava "TryAgain" - ; Create the uninstaller SetOutPath $INSTDIR - WriteUninstaller "$INSTDIR\uninstall.exe" ; Backslash required ; Run preinstall tasks SetOutPath "$PluginsDir\tmp" @@ -103,26 +98,6 @@ Section ${StdUtils.ExecShellAsUser} $0 "$INSTDIR\${project.filename}.exe" "open" "" SectionEnd -Section "Uninstall" - DetailPrint "Uninstalling..." - - ; Set the $java variable - TryAgain: - Call un.FindJava - !insertmacro VerifyJava "TryAgain" - - ; Run uninstall tasks - SetOutPath $INSTDIR - !insertmacro QzInstaller "uninstall" "" "" - - ; Remove all files - DetailPrint "Removing all files..." - SetDetailsPrint none ; Temporarily suppress details - SetOutPath $TEMP - RMDir /r "$INSTDIR" - SetDetailsPrint both -SectionEnd - !macro Init ${If} ${RunningX64} SetRegView 64 @@ -140,9 +115,4 @@ SectionEnd ; Runs for installs Function .onInit !insertmacro Init -FunctionEnd - -; Runs for uninstall -Function un.onInit - !insertmacro Init FunctionEnd \ No newline at end of file diff --git a/ant/windows/windows-launcher.nsi.in b/ant/windows/windows-launcher.nsi.in index c1594c25a..58e982f05 100644 --- a/ant/windows/windows-launcher.nsi.in +++ b/ant/windows/windows-launcher.nsi.in @@ -19,7 +19,7 @@ RequestExecutionLevel user Name "${project.name}" Caption "${project.name}" Icon "${basedir}/assets/branding/windows-icon.ico" -OutFile "${dist.dir}/${project.filename}.exe" +OutFile "${nsis.outfile}" SilentInstall silent AutoCloseWindow true diff --git a/ant/windows/windows-uninstaller.nsi.in b/ant/windows/windows-uninstaller.nsi.in new file mode 100644 index 000000000..b8626f4b2 --- /dev/null +++ b/ant/windows/windows-uninstaller.nsi.in @@ -0,0 +1,110 @@ +!include MUI2.nsh +!include x64.nsh +!include LogicLib.nsh +!include FileFunc.nsh +!include WinMessages.nsh + +!ifdef NSIS_UNICODE + !addplugindir "${basedir}/ant/windows/nsis/Plugins/Release_Unicode" +!else + !addplugindir "${basedir}/ant/windows/nsis/Plugins/Release_ANSI" +!endif +!addincludedir "${basedir}/ant/windows/nsis/Include" +!include StdUtils.nsh +!include SetTitleBar.nsh +!include FindJava.nsh + +!define MUI_PRODUCT "${project.name}" +!define MUI_VERSION "${build.version}" +; Branding for qz only +!if "${project.filename}" == "qz-tray" + !define MUI_ICON "${basedir}/ant/windows/nsis/uninstall.ico" +!else + !define MUI_ICON "${basedir}/assets/branding/windows-icon.ico" +!endif + +!define MUI_PAGE_HEADER_TEXT "Uninstall ${project.name}" +!define MUI_PAGE_HEADER_SUBTEXT "Remove ${project.name} from your computer" +!define MUI_INSTFILESPAGE_FINISHHEADER_TEXT "Uninstallation Complete" +!define MUI_INSTFILESPAGE_FINISHHEADER_SUBTEXT "Uninstall was completed successfully." + +!insertmacro MUI_PAGE_INSTFILES +!insertmacro MUI_LANGUAGE "English" +!insertmacro GetParameters + +RequestExecutionLevel admin +CRCCheck On + +Name "Uninstall ${project.name}" +Caption "Uninstall ${project.name}" +Icon "${basedir}/ant/windows/nsis/uninstall.ico" +OutFile "${nsis.outfile}" + +Var /GLOBAL RESPAWN +Var /GLOBAL DELETE_DIR +Var /GLOBAL DELETE_EXE + +Section + ${SetTitlebar} "Uninstall" + SetDetailsPrint textonly + DetailPrint "Uninstalling" + SetDetailsPrint listonly + + ${GetParameters} $0 + ${GetOptions} "$0" "/RESPAWN=" $RESPAWN + ${GetOptions} "$0" "/DELETE_DIR=" $DELETE_DIR + ${GetOptions} "$0" "/DELETE_EXE=" $DELETE_EXE + + ${If} $RESPAWN != "" + ; We're running from $TEMP; Perform the uninstall + + ; Set environmental variable for silent uninstall to be picked up by Java + ${If} ${Silent} + System::Call 'Kernel32::SetEnvironmentVariable(t, t)i ("${vendor.name}_silent", "1").r0' + ${EndIf} + + ; Set $javaw variable + Call FindJava + + ; Run uninstall step using jar + SetDetailsPrint textonly + DetailPrint "Running uninstall..." + SetDetailsPrint none ; Temporarily suppress details + SetOutPath $DELETE_DIR + SetDetailsPrint listonly + DetailPrint 'Running uninstall: "$java" ${launch.opts} -jar "$DELETE_DIR\${project.filename}.jar" uninstall' + ClearErrors + nsExec::ExecToLog '"$java" ${launch.opts} -jar "$DELETE_DIR\${project.filename}.jar" uninstall' + Pop $0 + ${If} "$0" != "0" + Abort "Uninstall failed." + ${EndIf} + + ; Remove all files + DetailPrint "Removing remaining files..." + SetDetailsPrint none ; Temporarily suppress details + SetOutPath $TEMP + RMDir /r "$DELETE_DIR" + + ; Remove self from $TEMP after reboot + Delete /REBOOTOK $EXEPATH + + ${If} ${RunningX64} + ${EnableX64FSRedirection} + ${EndIf} + SetDetailsPrint both + ${Else} + ; We're NOT running from $TEMP, copy to temp and respawn ourself + GetTempFileName $0 + CopyFiles "$EXEPATH" "$0" + Exec '"$0" /RESPAWN=1 /DELETE_DIR="$EXEDIR" /DELETE_EXE="$EXEPATH"' + Quit + ${EndIf} +SectionEnd + +Function .onInit + ${If} ${RunningX64} + SetRegView 64 + ${DisableX64FSRedirection} + ${EndIf} +FunctionEnd \ No newline at end of file diff --git a/build.xml b/build.xml index 673bd266f..a56bea06a 100644 --- a/build.xml +++ b/build.xml @@ -3,22 +3,17 @@ + + + + - - + + + Process complete - - - - - - - - - - @@ -38,7 +33,7 @@ - + @@ -49,19 +44,21 @@ - - - - + + + + + + - + - + @@ -79,12 +76,15 @@ - + - Building Jar for Socket use + + + + Building Jar for Socket use @@ -100,417 +100,46 @@ - - - - - - - - - - - - Self-signing Socket jar - - - - - Signing Socket jar with timestamp - - - - - - - - - - - - - - - - - - Version : ${build.version} - Bundle Id : ${apple.bundleid} - - - - Using internal cert for signing auth - + + + - - Bundling with manual cert for signing auth: ${authcert.use} + + Bundling with manual cert for signing auth: ${authcert.use} - - + + - Copying certificate(s) to dist/whitelist: ${whitelist.use} + Copying certificate(s) to dist/whitelist: ${whitelist.use} + - - Copying resource files to output - - - - - - - - - - - - - - - - - - - - - - + + Copying resource files to output + - - - - - - - - - - - - - - - - - - Creating installer using ${nsisbin} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Signing Windows installer: No tsaurl was provided so this exe was not timestamped. Users will not be able to validate this exe after the signer certificate's expiration date or after any future revocation date. - - - - - - - Signing Windows installer - - - - - - - - - - Creating installer using pkgbuild - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + - - - - - - - - - - - - - - - - - - - - - - - - - - Creating installer using makeself - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + \ No newline at end of file diff --git a/src/qz/installer/WindowsInstaller.java b/src/qz/installer/WindowsInstaller.java index 285d8e004..f8854e3e1 100644 --- a/src/qz/installer/WindowsInstaller.java +++ b/src/qz/installer/WindowsInstaller.java @@ -54,6 +54,7 @@ public Installer removeLegacyStartup() { WindowsUtilities.deleteRegKey(HKEY_USERS, user.trim() + "\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\" + ABOUT_TITLE); } }); + FileUtils.deleteQuietly(new File(STARTUP + File.separator + ABOUT_TITLE + ".lnk")); return this; } @@ -93,11 +94,12 @@ public Installer removeSystemSettings() { WindowsUtilities.deleteRegData(HKEY_LOCAL_MACHINE, "SOFTWARE\\Policies\\Google\\Chrome\\URLWhitelist", String.format("%s://*", DATA_DIR)); // Cleanup launchers - for(WindowsSpecialFolders folder : new WindowsSpecialFolders[] { START_MENU, COMMON_START_MENU, DESKTOP, PUBLIC_DESKTOP }) { + for(WindowsSpecialFolders folder : new WindowsSpecialFolders[] { START_MENU, COMMON_START_MENU, DESKTOP, PUBLIC_DESKTOP, COMMON_STARTUP, RECENT }) { try { new File(folder + File.separator + ABOUT_TITLE + ".lnk").delete(); // Since 2.1, start menus use subfolder if (folder.equals(COMMON_START_MENU) || folder.equals(START_MENU)) { + FileUtils.deleteQuietly(new File(folder + File.separator + "Programs" + File.separator + ABOUT_TITLE + ".lnk")); FileUtils.deleteDirectory(new File(folder + File.separator + "Programs" + File.separator + ABOUT_TITLE)); } } catch(IOException ignore) {}