Skip to content

Commit

Permalink
Merge v4.0.4 into develop-psw
Browse files Browse the repository at this point in the history
  • Loading branch information
nirbar committed Feb 8, 2024
2 parents a35305c + a859298 commit c068fda
Show file tree
Hide file tree
Showing 12 changed files with 70 additions and 30 deletions.
12 changes: 9 additions & 3 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@ jobs:
name: Build
runs-on: windows-2022
permissions:
packages: write
id-token: write
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v3
Expand Down Expand Up @@ -58,6 +58,14 @@ jobs:
tenant-id: ${{ secrets.WIX_SIGNING_TENANTID }}
subscription-id: ${{ secrets.WIX_SIGNING_SUBSCRIPTIONID }}

- name: 'Az CLI login'
if: (github.ref == 'refs/heads/master')
uses: azure/login@v1
with:
allow-no-subscriptions: true
client-id: ${{ secrets.WIX_SIGNING_CLIENTID }}
tenant-id: ${{ secrets.WIX_SIGNING_TENANTID }}

- name: Decrypt snk
run: gpg --quiet --batch --yes --decrypt --passphrase="${{ secrets.GPG_PASSPHRASE }}" --output "${{ github.workspace }}\src\psw-wix.snk" "${{ github.workspace }}\src\psw-wix.snk.gpg"

Expand Down Expand Up @@ -115,8 +123,6 @@ jobs:

- name: Publish nuget packages to github
if: ${{ github.event.inputs.publish_nuget == 'true' }}
env:
GITHUB_TOKEN: ${{ secrets.MY_GITHUB_PAT }}
run: |
dotnet nuget add source --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text --name github "https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json"
dotnet nuget push "build/artifacts/**/PanelSwWix4.*.${{ env.WIX_VERSION }}.nupkg" --api-key ${{ secrets.GITHUB_TOKEN }} --source github
Expand Down
17 changes: 8 additions & 9 deletions src/Directory.Build.targets
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,9 @@

<Project>
<PropertyGroup>
<SigningToolFolder>$(ToolsFolder)</SigningToolFolder>
<SigningToolExe>$(SigningToolFolder)\sign.exe</SigningToolExe>
<SigningFilelist>$(MSBuildThisFileDirectory)signing-empty-file-list.txt</SigningFilelist>
<SigningConfiguration>--description "WiX Toolset" --description-url "https://wixtoolset.org/" --timestamp-url "http://timestamp.digicert.com" --file-list "$(SigningFilelist)" --azure-key-vault-managed-identity true --azure-key-vault-url "$(SigningVaultUri)" --azure-key-vault-certificate "$(SigningCertName)"</SigningConfiguration>
<SigningToolExe>$(ToolsFolder)\sign.exe</SigningToolExe>
<SigningCommand>code azure-key-vault</SigningCommand>
<SigningConfiguration>--description "WiX Toolset" --description-url "https://wixtoolset.org/" --timestamp-url "http://timestamp.digicert.com" --file-list "$(MSBuildThisFileDirectory)signing-empty-file-list.txt" --azure-key-vault-managed-identity true --azure-key-vault-url "$(SigningVaultUri)" --azure-key-vault-certificate "$(SigningCertName)"</SigningConfiguration>
</PropertyGroup>

<PropertyGroup Condition=" '$(IsWixTestSupportProject)'=='true' ">
Expand Down Expand Up @@ -130,12 +129,12 @@
</Target>

<Target Name="SignOutput" AfterTargets="AfterBuild"
Condition=" '$(SigningCertName)'!='' and '$(SignOutput)'!='false' and
Condition=" '$(SigningCertName)'!='' and '$(SignOutput)'!='false' and
('$(MSBuildProjectExtension)'=='.csproj' or ('$(MSBuildProjectExtension)'=='.vcxproj' and '$(ConfigurationType)'!='StaticLibrary'))">

<Message Importance="high" Text="Signing file: $(TargetPath)" />

<Exec Command='"$(SigningToolExe)" code azure-key-vault $(TargetPath) $(SigningConfiguration)'
<Exec Command='"$(SigningToolExe)" $(SigningCommand) $(SigningConfiguration) $(TargetPath)'
WorkingDirectory="$(MSBuildProjectDirectory)" EchoOff="true" />
</Target>

Expand All @@ -147,21 +146,21 @@

<Message Importance="high" Text="Signing nupkg: @(SigningNupkgs->&apos;%(Identity)&apos;)" />

<Exec Command='"$(SigningToolExe)" code azure-key-vault "@(SigningNupkgs->&apos;%(Identity)&apos;)" $(SigningConfiguration)'
<Exec Command='"$(SigningToolExe)" $(SigningCommand) $(SigningConfiguration) "@(SigningNupkgs->&apos;%(Identity)&apos;)"'
WorkingDirectory="$(MSBuildProjectDirectory)" EchoOff="true" />
</Target>

<Target Name="SignBundleEngine" Condition=" '$(SigningCertName)'!='' and '$(SignOutput)'!='false' ">
<Message Importance="high" Text="Signing bundle engine: @(SignBundleEngine->&apos;%(Identity)&apos;)" />

<Exec Command='"$(SigningToolExe)" code azure-key-vault "@(SignBundleEngine->&apos;%(Identity)&apos;)" $(SigningConfiguration)'
<Exec Command='"$(SigningToolExe)" $(SigningCommand) $(SigningConfiguration) "@(SignBundleEngine->&apos;%(Identity)&apos;)"'
WorkingDirectory="$(MSBuildProjectDirectory)" EchoOff="true" />
</Target>

<Target Name="SignBundle" Condition=" '$(SigningCertName)'!='' and '$(SignOutput)'!='false' ">
<Message Importance="high" Text="Signing bundle: @(SignBundle->&apos;%(Identity)&apos;)" />

<Exec Command='"$(SigningToolExe)" code azure-key-vault "@(SignBundle->&apos;%(Identity)&apos;)" $(SigningConfiguration)'
<Exec Command='"$(SigningToolExe)" $(SigningCommand) $(SigningConfiguration) "@(SignBundle->&apos;%(Identity)&apos;)"'
WorkingDirectory="$(MSBuildProjectDirectory)" EchoOff="true" />
</Target>

Expand Down
1 change: 1 addition & 0 deletions src/burn/stub/precomp.h
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@

#include <dutil.h>
#include <apputil.h>
#include <dirutil.h>
#include <strutil.h>
#include <fileutil.h>
#include <pathutil.h>
Expand Down
26 changes: 26 additions & 0 deletions src/burn/stub/stub.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@

#include "precomp.h"

static const HRESULT E_SUSPECTED_TAMPERING = MAKE_HRESULT(SEVERITY_ERROR, 500/*FACILITY_WIX*/, 2001);

static void AvoidLocalDllRedirection(LPCWSTR wzPath);


int WINAPI wWinMain(
__in HINSTANCE hInstance,
Expand Down Expand Up @@ -52,6 +56,8 @@ int WINAPI wWinMain(
AppInitialize(rgsczSafelyLoadSystemDlls, countof(rgsczSafelyLoadSystemDlls));
}

AvoidLocalDllRedirection(sczPath);

// call run
hr = EngineRun(hInstance, hEngineFile, lpCmdLine, nCmdShow, &dwExitCode);
ExitOnFailure(hr, "Failed to run application.");
Expand All @@ -63,3 +69,23 @@ int WINAPI wWinMain(

return FAILED(hr) ? (int)hr : (int)dwExitCode;
}

static void AvoidLocalDllRedirection(LPCWSTR wzPath)
{
LPWSTR sczLocalPath = NULL;
HMODULE hmodComCtl = NULL;

// Bail if there's a <bundle>.exe.local directory, as it's a feature of
// DLL redirection that has no real use for a bundle and is a hole for
// DLL hijacking attacks.

if (FAILED(StrAllocFormatted(&sczLocalPath, L"%ls.local", wzPath))
|| DirExists(sczLocalPath, NULL)
|| FileExistsEx(sczLocalPath, NULL)
|| FAILED(LoadSystemLibrary(L"Comctl32.dll", &hmodComCtl)))
{
::ExitProcess((UINT)E_SUSPECTED_TAMPERING);
}

ReleaseStr(sczLocalPath);
}
1 change: 1 addition & 0 deletions src/burn/stub/stub.vcxproj
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@
<SwapRunFromCD>true</SwapRunFromCD>
<SwapRunFromNET>true</SwapRunFromNET>
<DelayLoadDLLs>cabinet.dll;crypt32.dll;msi.dll;shlwapi.dll;userenv.dll;version.dll;wininet.dll;wintrust.dll</DelayLoadDLLs>
<AdditionalOptions>/DEPENDENTLOADFLAG:0x800 %(AdditionalOptions)</AdditionalOptions>
</Link>
</ItemDefinitionGroup>

Expand Down
2 changes: 1 addition & 1 deletion src/ext/Util/ca/TouchFile.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -288,7 +288,7 @@ extern "C" UINT WINAPI WixExecuteTouchFile(
{
if (iTouchFileAttributes & TOUCH_FILE_ATTRIBUTE_VITAL)
{
ExitOnFailure(hr, "Failed to touch file: '%ls' for: %ls", &sczPath, sczId);
ExitOnFailure(hr, "Failed to touch file: '%ls' for: %ls", sczPath, sczId);
}
else
{
Expand Down
10 changes: 5 additions & 5 deletions src/ext/Util/wixlib/UtilExtension_Platform.wxi
Original file line number Diff line number Diff line change
Expand Up @@ -240,8 +240,8 @@
<CustomAction Id="$(var.Prefix)RollbackTouchFile$(var.Suffix)" DllEntry="WixExecuteTouchFile" Execute="rollback" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />

<InstallExecuteSequence>
<Custom Action="$(var.Prefix)TouchFileDuringUninstall" Before="RemoveFiles" Overridable="yes" />
<Custom Action="$(var.Prefix)TouchFileDuringInstall" After="InstallFiles" Overridable="yes" />
<Custom Action="$(var.Prefix)TouchFileDuringUninstall$(var.Suffix)" Before="RemoveFiles" Overridable="yes" />
<Custom Action="$(var.Prefix)TouchFileDuringInstall$(var.Suffix)" After="InstallFiles" Overridable="yes" />
</InstallExecuteSequence>
</Fragment>

Expand Down Expand Up @@ -317,7 +317,7 @@
<Custom Action="$(var.Prefix)QueryOsInfo$(var.Suffix)" After="AppSearch" Overridable="yes" Condition="VersionNT &gt; 400 OR (VersionNT = 400 AND ServicePackLevel &gt; 3)" />
</InstallUISequence>
</Fragment>

<Fragment>
<CustomAction Id="$(var.Prefix)QueryOsDirs$(var.Suffix)" DllEntry="WixQueryOsDirs" Execute="firstSequence" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />

Expand All @@ -341,7 +341,7 @@
<Custom Action="$(var.Prefix)QueryOsWellKnownSID$(var.Suffix)" After="AppSearch" Overridable="yes" Condition="VersionNT &gt; 400 OR (VersionNT = 400 AND ServicePackLevel &gt; 3)" />
</InstallUISequence>
</Fragment>

<Fragment>
<CustomAction Id="$(var.Prefix)QueryOsDriverInfo$(var.Suffix)" DllEntry="WixQueryOsDriverInfo" Execute="firstSequence" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />

Expand All @@ -353,7 +353,7 @@
<Custom Action="$(var.Prefix)QueryOsDriverInfo$(var.Suffix)" After="AppSearch" Overridable="yes" Condition="VersionNT &gt; 400 OR (VersionNT = 400 AND ServicePackLevel &gt; 3)" />
</InstallUISequence>
</Fragment>

<Fragment>
<CustomAction Id="$(var.Prefix)QueryNativeMachine$(var.Suffix)" DllEntry="WixQueryNativeMachine" Execute="firstSequence" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />

Expand Down
8 changes: 4 additions & 4 deletions src/libs/dutil/WixToolset.DUtil/dirutil.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
*******************************************************************/
extern "C" BOOL DAPI DirExists(
__in_z LPCWSTR wzPath,
__in_z LPCWSTR wzPath,
__out_opt DWORD *pdwAttributes
)
{
Expand Down Expand Up @@ -73,7 +73,7 @@ extern "C" HRESULT DAPI DirCreateTempPath(
*******************************************************************/
extern "C" HRESULT DAPI DirEnsureExists(
__in_z LPCWSTR wzPath,
__in_z LPCWSTR wzPath,
__in_opt LPSECURITY_ATTRIBUTES psa
)
{
Expand Down Expand Up @@ -203,8 +203,8 @@ extern "C" HRESULT DAPI DirEnsureDeleteEx(
}
}

// If we're deleting files and/or child directories loop through the contents of the directory.
if (fDeleteFiles || fRecurse)
// If we're deleting files and/or child directories loop through the contents of the directory, but skip junctions.
if ((fDeleteFiles || fRecurse) && (0 == (dwAttrib & FILE_ATTRIBUTE_REPARSE_POINT)))
{
if (fScheduleDelete)
{
Expand Down
2 changes: 1 addition & 1 deletion src/libs/dutil/WixToolset.DUtil/procutil.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -517,7 +517,7 @@ extern "C" HRESULT DAPI ProcWaitForIds(
DWORD cProcesses = 0;
BOOL fTimedOut = FALSE;

rghProcesses = static_cast<HANDLE*>(MemAlloc(sizeof(DWORD) * cProcessIds, TRUE));
rghProcesses = static_cast<HANDLE*>(MemAlloc(sizeof(HANDLE) * cProcessIds, TRUE));
ProcExitOnNull(rgdwProcessIds, hr, E_OUTOFMEMORY, "Failed to allocate array for process ID Handles.");

for (DWORD i = 0; i < cProcessIds; ++i)
Expand Down
13 changes: 11 additions & 2 deletions src/wix/WixToolset.Core/Binder.cs
Original file line number Diff line number Diff line change
Expand Up @@ -58,9 +58,18 @@ private IBindResult BackendBind(IBindContext context)

var backendFactories = extensionManager.GetServices<IBackendFactory>();

var outputType = context is BindContext bindContext ? bindContext.OutputType : null;

if (String.IsNullOrEmpty(outputType))
{
var entrySection = context.IntermediateRepresentation.Sections.First();

outputType = entrySection.Type.ToString();
}

foreach (var factory in backendFactories)
{
if (factory.TryCreateBackend(context.OutputType, context.OutputPath, out var backend))
if (factory.TryCreateBackend(outputType, context.OutputPath, out var backend))
{
var result = backend.Bind(context);
return result;
Expand All @@ -69,7 +78,7 @@ private IBindResult BackendBind(IBindContext context)

var messaging = context.ServiceProvider.GetService<IMessaging>();

messaging.Write(CoreErrors.BackendNotFound(context.OutputType, context.OutputPath));
messaging.Write(CoreErrors.BackendNotFound(outputType, context.OutputPath));

return null;
}
Expand Down
6 changes: 2 additions & 4 deletions src/wix/WixToolset.Core/CommandLine/BuildCommand.cs
Original file line number Diff line number Diff line change
Expand Up @@ -334,11 +334,9 @@ private void BindPhase(Intermediate output, IReadOnlyCollection<Localization> lo
context.PdbPath = inputsOutputs.PdbPath;
context.CancellationToken = cancellationToken;

if (String.IsNullOrEmpty(context.OutputType))
if (context is BindContext bindContext)
{
var entrySection = context.IntermediateRepresentation.Sections.First();

context.OutputType = entrySection.Type.ToString();
bindContext.OutputType = this.commandLine.OutputType;
}

var binder = this.ServiceProvider.GetService<IBinder>();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -575,7 +575,7 @@ private static void CreateAdminImage(string msiPath, string targetDir)
var args = $"/a \"{Path.ChangeExtension(msiPath, "msi")}\" TARGETDIR=\"{targetDir}\" /qn";

var proc = Process.Start("msiexec.exe", args);
proc.WaitForExit(20000);
proc.WaitForExit(10000);

Assert.Equal(0, proc.ExitCode);
}
Expand Down

0 comments on commit c068fda

Please sign in to comment.