nutools/lib/ulib/wosign

196 lines
5.6 KiB
Plaintext
Raw Permalink Normal View History

2013-08-27 15:14:44 +04:00
##@cooked comments # -*- coding: utf-8 mode: sh -*- vim:sw=4:sts=4:et:ai:si:sta:fenc=utf-8
## Support de la signature des jars pour WebObjects
##@cooked nocomments
##@require webobjects
uprovide wosign
urequire webobjects
WOSIGN_KEYSTORE=
WOSIGN_STOREPASS=
WOSIGN_KEYALIAS=
function wosign_setup_maybe() {
WOSIGN_CONFDIR="$WOCONFIGURATION/Signatures"
WOSIGN_CONF="$WOSIGN_CONFDIR/signature.conf"
if [ -f "$WOSIGN_CONF" ]; then
eval "$(
keystore=
storepass=
keyalias=
source "$WOSIGN_CONF"
set_var_cmd WOSIGN_KEYSTORE "$keystore"
set_var_cmd WOSIGN_STOREPASS "$storepass"
set_var_cmd WOSIGN_KEYALIAS "$keyalias"
)"
[ -n "$WOSIGN_XTMPDIR" ] || ac_set_tmpdir WOSIGN_XTMPDIR
[ -n "$WOSIGN_JTMPDIR" ] || ac_set_tmpdir WOSIGN_JTMPDIR
return 0
else
return 1
fi
}
function __issjar() {
[ "${1%.sjar}" != "$1" ]
}
function __tosjar() {
local jarname="$(basename "$1")"
local jardir="${1%$jarname}"
local sjarname= jarbn="$(basename "$jarname" .jar)"
if [ "$jarbn" != "$jarname" ]; then
sjarname="$jarbn.sjar"
else
sjarname="$jarname.sjar"
fi
echo "$jardir$sjarname"
}
function __tojar() {
local jarname="$(basename "$1")"
local jardir="${1%$jarname}"
local jarbn="$(basename "$jarname" .sjar)"
[ "$jarbn" != "$jarname" ] && jarname="$jarbn.jar"
echo "$jardir$jarname"
}
function wosign_jar() {
local default=1 sign= unsign=
while [ -n "$1" ]; do
case "$1" in
-s) default=; sign=1;;
-d) default=; unsign=1;;
*) break;;
esac
shift
done
[ -n "$default" ] && sign=1
local curdir="$(pwd)"
local jar="$(abspath "$1")"
local cjar="$WOSIGN_JTMPDIR/$(basename "$jar")"
local sjar="$(__tosjar "$jar")"
cd "$WOSIGN_XTMPDIR"
rm -rf *
jar xf "$jar"
rm -f META-INF/*.{SF,RSA,DSA}
2015-08-20 07:58:17 +04:00
2013-08-27 15:14:44 +04:00
jar cf "$cjar" *
if [ -n "$unsign" ]; then
cp "$cjar" "$jar"
fi
if [ -n "$sign" ]; then
rm -f "$sjar"
jarsigner -keystore "$WOSIGN_KEYSTORE" ${WOSIGN_STOREPASS:+-storepass "$WOSIGN_STOREPASS" }-signedjar "$sjar" "$cjar" $WOSIGN_KEYALIAS
fi
cd "$curdir"
}
function wosignable() {
if [ -z "$WOSIGN_KEYSTORE" ]; then
echo "Il faut spécifier le paramètre keystore"
return 1
elif [ -z "$WOSIGN_KEYALIAS" ]; then
echo "Il faut spécifier le parammètre keyalias"
return 1
fi
local srcdir="$1"
if endswith "$srcdir" .woa; then
srcdir="$srcdir/Contents/WebServerResources/Java"
elif endswith "$1" .framework; then
srcdir="$srcdir/WebServerResources/Java"
fi
if [ -d "$srcdir" ]; then
if [ -z "$(list_files "$srcdir" "*.jar")" ]; then
echo "Il n'y a pas de jars à signer"
return 1
fi
elif [ -f "$srcdir" ]; then
if ! endswith "$srcdir" .jar; then
echo "Le fichier spécifié n'est pas un jar"
return 1
fi
else
echo "Il faut spécifier un répertoire ou un jar individuel"
return 1
fi
}
function __may_sign() {
# Si l'option -f est spécifiée, retourner true
# Si ce jar a une version signée associée, retourner true
# Si ce jar n'a pas de version signée associée, retourner true
# Si ce jar est la version signée d'un autre jar, retourner false
[ "$1" != "-f" ] && __issjar "$1" && [ -f "$(__tojar "$1")" ] && return 1
return 0
}
function __should_sign() {
# Si l'option -f est spécifiée, retourner true
# Sinon retourner true si la version signée n'existe pas
# On assume que __may_sign est vrai.
[ "$1" != "-f" ] && [ -f "$(__tosjar "$1")" ] && return 1
return 0
}
function wosign() {
# Signer un bundle, les jars d'un répertoire, ou un jar
# L'option -f force la resignature des jars d'un répertoire ou d'un
# bundle. Elle force aussi la signature d'un jar, même s'il semble qu'il
# soit la version signée d'un autre jar
# on présuppose que wosignable a retourné true
local default=1 sign= unsign= resign=
while [ -n "$1" ]; do
case "$1" in
-s) default=; sign=1;;
-d) default=; unsign=1;;
-f) resign=1;;
*) break;;
esac
shift
done
[ -n "$default" ] && sign=1
local srcdir="$1"
local candidates jars jar jarname jardir
if endswith "$srcdir" .woa; then
srcdir="$srcdir/Contents/WebServerResources/Java"
elif endswith "$1" .framework; then
srcdir="$srcdir/WebServerResources/Java"
fi
2015-08-20 07:58:17 +04:00
2013-08-27 15:14:44 +04:00
if [ -d "$srcdir" ]; then
array_from_lines candidates "$(list_files "$srcdir" "*.jar")"
jars=()
for jar in "${candidates[@]}"; do
__may_sign "$srcdir/$jar" && jars=("${jars[@]}" "$srcdir/$jar")
done
for jar in "${jars[@]}"; do
if __should_sign ${resign:+-f }"$jar"; then
ebegin "$(ppath "$jar")"
wosign_jar ${sign:+-s }${unsign:+-d }"$jar" &
ewait $!
eend
fi
done
elif [ -f "$srcdir" ]; then
jar="$srcdir"
if ! __may_sign ${resign:+-f }"$jar"; then
jardir="$(dirname "$jar")"
jarname="$(basename "$jar")"
eerror "$(ppath "$jar"): Ce jar est la version signée de $(ppath "$jardir/${jarname#s}")"
elif __should_sign ${resign:+-f }"$jar"; then
ebegin "$(ppath "$jar")"
wosign_jar ${sign:+-s }${unsign:+-d }"$jar" &
ewait $!
eend
fi
fi
}