VirtualBox

Changeset 96692 in vbox for trunk/Config.kmk


Ignore:
Timestamp:
Sep 12, 2022 12:39:59 AM (2 years ago)
Author:
vboxsync
Message:

Add/Nt/Installer,/Config.kmk,SupDrv/Certs: Check for and install missing root certificates. This is a real problem with vista and older. bugref:10261

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Config.kmk

    r96684 r96692  
    179179
    180180
     181#
     182# Some source paths of global interest.
     183#
     184VBOX_PATH_SRC_CERTIFICATES = $(PATH_ROOT)/src/VBox/HostDrivers/Support/Certificates
     185
     186
     187#
    181188# Delete targets on failure.
     189#
    182190.DELETE_ON_ERROR:
    183191
     192#
    184193# Notify about important kBuild updates.
     194#
    185195if  $(KBUILD_VERSION_MAJOR) == 0 \
    186196 && (   $(KBUILD_VERSION_MINOR) >= 2 \
     
    330340endif
    331341
     342
    332343#
    333344# The VirtualBox Configuration Defaults.
     
    409420# (Used by the additions build server, don't invert it.)
    410421#VBOX_WITHOUT_ADDITIONS_ISO = 1
     422# Include root certs in the windows GAs installer and on the ISO (ignore when
     423# signing is disabled).  Since we don't have any runtime detection of which
     424# roots are actually being used, we expect shipping of the non-default root
     425# with the signing setup in LocalConfig.kmk.  Following root cert selectors
     426# are available (more details in GA tools & installer):
     427#       - VBOX_WITH_GA_ROOT_VERISIGN_G5
     428#       - VBOX_WITH_GA_ROOT_DIGICERT_ASSURED_ID
     429#       - VBOX_WITH_GA_ROOT_DIGICERT_HIGH_ASSURANCE_EV
     430VBOX_WITH_GA_ROOT_CERTS_INCLUDED := 1
     431if (!defined(VBOX_CERTIFICATE_SUBJECT_NAME) || !defined(VBOX_CERTIFICATE_SHA2_SUBJECT_NAME)) && "$(VBOX_SIGNING_MODE)" == "release"
     432 VBOX_WITH_GA_ROOT_DIGICERT_ASSURED_ID := 1
     433endif
    411434## @}
     435
    412436# Set build options right for building the Additions as an RPM package.
    413437# VBOX_ONLY_RPM_ADDITIONS = 1
     
    42714295   VBOX_SIGN_IMAGE_CMDS_ORDERDEPS ?= $(if $(eq $(tool_do),LINK_LIBRARY),,$(VBOX_SIGN_IMAGE_ORDERDEPS))
    42724296  endif
    4273   ## Enable signing of the additions.
     4297  ## Enable signing of the additions drivers, i.e. create CAT files.
     4298  ## @todo r=bird: This bugger is entirely misplaced, as it belongs in the additions config section so it can be properly overriden.
    42744299  VBOX_SIGN_ADDITIONS   ?= 1
    42754300  ## Set if we should include the legacy timestamp CA.
     
    42794304   endif
    42804305  endif
    4281   VBOX_LEGACY_TS_CA_FILE = $(PATH_ROOT)/src/VBox/HostDrivers/Support/Certificates/Timestamp-VBoxLegacyWinCA.crt
     4306  VBOX_LEGACY_TS_CA_FILE = $(VBOX_PATH_SRC_CERTIFICATES)/Timestamp-VBoxLegacyWinCA.crt
    42824307
    42834308 else ifeq ($(KBUILD_HOST),darwin)
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette