Browse Source
Added attributes to the Java viewer MANIFEST file in order to conform to upcoming JRE requirements. Added support for specifying a signing certificate in place of the self-signed certificate.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@5145 3789f03b-4d11-0410-bbf8-ca57d06f2519tags/v1.3.90
Brian Hinz
10 years ago
4 changed files with 91 additions and 13 deletions
+ 22
- 0
BUILDING.txt
View File
| @@ -385,6 +385,28 @@ Similarly, if the Java viewer is built along with the Unix TigerVNC Server | |||
| (Xvnc), then the build system will include the Java viewer in the server | |||
| tarball. | |||
| By default, a self-signed certificate will be generated and used to sign the | |||
| jar file. By specifying the following command line arguments to the CMake | |||
| command line, an alternate certificate may be used for signing. | |||
| -DJAVA_KEYSTORE=${keystore_location_or_url} | |||
| -DJAVA_KEYSTORE_TYPE=${keystore_type} (Default: "jks") | |||
| -DJAVA_KEY_ALIAS=${keytore_key_alias} | |||
| -DJAVA_STOREPASS=${keystore_password} | |||
| -DJAVA_KEYPASS=${keystore_entry_password} | |||
| -DJAVA_TSA_URL=${url_of_timestamping_authority} | |||
| The values of the JAVA_STOREPASS and JAVA_KEYPASS arguments may optionally be | |||
| read from file or environment variables by prefixing the value with ":env " | |||
| or ":file " (see the jarsigner documentation for more info): | |||
| export StorePass=tigervnc | |||
| export KeyPass=tigervnc | |||
| cmake \ | |||
| ... | |||
| -DJAVA_STOREPASS=":env StorePass" | |||
| -DJAVA_KEYPASS=":env KeyPass" | |||
| ====================================== | |||
| Building Native Language Support (NLS) | |||
+ 12
- 0
java/CMakeLists.txt
View File
| @@ -15,6 +15,12 @@ message(STATUS "Java compiler flags = ${JAVACFLAGS}") | |||
| set(CLASSPATH com/tigervnc/vncviewer) | |||
| set(SRCDIR ${CMAKE_CURRENT_SOURCE_DIR}) | |||
| set(BINDIR ${CMAKE_CURRENT_BINARY_DIR}) | |||
| set(JAVA_KEYSTORE NOTFOUND CACHE STRING "URL of keystore location") | |||
| set(JAVA_KEYSTORE_TYPE "jks" CACHE STRING "Type of keystore (Default: \"jks\")") | |||
| set(JAVA_KEY_ALIAS NOTFOUND CACHE STRING "Alias for the keystore entry used to generate the signature") | |||
| set(JAVA_STOREPASS NOTFOUND CACHE STRING "Password required to access the keystore") | |||
| set(JAVA_KEYPASS NOTFOUND CACHE STRING "Password used to protect the private key of the specified keystore entry") | |||
| set(JAVA_TSA_URL NOTFOUND CACHE STRING "URL of Time Stamping Authority (TSA)") | |||
| if(NOT BUILD) | |||
| execute_process(COMMAND "date" "+%Y%m%d" OUTPUT_VARIABLE BUILD) | |||
| @@ -136,6 +142,12 @@ add_custom_command(OUTPUT VncViewer.jar | |||
| com/tigervnc/vncviewer/tigervnc.ico | |||
| COMMAND ${CMAKE_COMMAND} | |||
| ARGS -DJava_PATH=${Java_PATH} -DJAR_FILE=${BINDIR}/VncViewer.jar | |||
| -DJAVA_KEYSTORE=${JAVA_KEYSTORE} | |||
| -DJAVA_KEYSTORE_TYPE=${JAVA_KEYSTORE_TYPE} | |||
| -DJAVA_STOREPASS=${JAVA_STOREPASS} | |||
| -DJAVA_KEYPASS=${JAVA_KEYPASS} | |||
| -DJAVA_KEY_ALIAS=${JAVA_KEY_ALIAS} | |||
| -DJAVA_TSA_URL=${JAVA_TSA_URL} | |||
| -P ${SRCDIR}/cmake/SignJar.cmake) | |||
| add_custom_target(java ALL DEPENDS VncViewer.jar) | |||
+ 54
- 13
java/cmake/SignJar.cmake
View File
| @@ -6,25 +6,66 @@ if(NOT JAR_FILE) | |||
| message(FATAL_ERROR "JAR_FILE must be defined") | |||
| endif() | |||
| message(STATUS "Signing ${JAR_FILE}") | |||
| set(KEYTOOL "${Java_PATH}/keytool") | |||
| set(JARSIGNER "${Java_PATH}/jarsigner") | |||
| file(REMOVE tigervnc.keystore) | |||
| execute_process(COMMAND | |||
| ${KEYTOOL} -genkey -alias TigerVNC -keystore tigervnc.keystore -keyalg RSA | |||
| -storepass tigervnc -keypass tigervnc -validity 7300 | |||
| -dname "CN=TigerVNC, OU=Software Development, O=The TigerVNC Project, L=Austin, S=Texas, C=US" | |||
| RESULT_VARIABLE RESULT OUTPUT_VARIABLE OUTPUT ERROR_VARIABLE ERROR) | |||
| if(NOT RESULT EQUAL 0) | |||
| message(FATAL_ERROR "${KEYTOOL} failed:\n${ERROR}") | |||
| if(JAVA_KEYSTORE) | |||
| if((NOT JAVA_STOREPASS) OR (NOT JAVA_KEYPASS) OR (NOT JAVA_KEY_ALIAS)) | |||
| message(FATAL_ERROR "When JAVA_KEYSTORE is specified, JAVA_KEY_ALIAS, JAVA_STOREPASS, and JAVA_KEYPASS must also be specified:\n${ERROR}") | |||
| endif() | |||
| else() | |||
| message(STATUS "Generating self-signed certificate") | |||
| file(REMOVE tigervnc.keystore) | |||
| execute_process(COMMAND | |||
| ${KEYTOOL} -genkey -alias TigerVNC -keystore tigervnc.keystore -keyalg RSA | |||
| -storepass tigervnc -keypass tigervnc -validity 7300 | |||
| -dname "CN=TigerVNC, OU=Software Development, O=The TigerVNC Project, L=Austin, S=Texas, C=US" | |||
| RESULT_VARIABLE RESULT OUTPUT_VARIABLE OUTPUT ERROR_VARIABLE ERROR) | |||
| if(NOT RESULT EQUAL 0) | |||
| message(FATAL_ERROR "${KEYTOOL} failed:\n${ERROR}") | |||
| endif() | |||
| set(JAVA_KEYSTORE "tigervnc.keystore") | |||
| set(JAVA_STOREPASS "tigervnc") | |||
| set(JAVA_KEYPASS "tigervnc") | |||
| set(JAVA_KEY_ALIAS "TigerVNC") | |||
| endif() | |||
| message(STATUS "Signing ${JAR_FILE}") | |||
| set(ARGS -keystore ${JAVA_KEYSTORE} -storetype ${JAVA_KEYSTORE_TYPE}) | |||
| if(${JAVA_STOREPASS} MATCHES "^:env") | |||
| string(REGEX REPLACE "^:env[\t ]+(.*)$" "\\1" JAVA_STOREPASS "${JAVA_STOREPASS}") | |||
| set(ARGS ${ARGS} -storepass:env ${JAVA_STOREPASS}) | |||
| elseif("${JAVA_STOREPASS}" MATCHES "^:file") | |||
| string(REGEX REPLACE "^:file[\t ]+(.*)$" "\\1" JAVA_STOREPASS "${JAVA_STOREPASS}") | |||
| set(ARGS ${ARGS} -storepass:file ${JAVA_STOREPASS}) | |||
| else() | |||
| set(ARGS ${ARGS} -storepass ${JAVA_STOREPASS}) | |||
| endif() | |||
| if(${JAVA_KEYPASS} MATCHES "^:env") | |||
| string(REGEX REPLACE "^:env[\t ]+(.*)$" "\\1" JAVA_KEYPASS "${JAVA_KEYPASS}") | |||
| set(ARGS ${ARGS} -keypass:env ${JAVA_KEYPASS}) | |||
| elseif("${JAVA_KEYPASS}" MATCHES "^:file") | |||
| string(REGEX REPLACE "^:file[\t ]+(.*)$" "\\1" JAVA_KEYPASS "${JAVA_KEYPASS}") | |||
| set(ARGS ${ARGS} -keypass:file ${JAVA_KEYPASS}) | |||
| else() | |||
| set(ARGS ${ARGS} -keypass ${JAVA_KEYPASS}) | |||
| endif() | |||
| if(JAVA_TSA_URL) | |||
| set(ARGS ${ARGS} -tsa ${JAVA_TSA_URL}) | |||
| endif() | |||
| execute_process(COMMAND | |||
| ${JARSIGNER} -keystore tigervnc.keystore | |||
| -storepass tigervnc -keypass tigervnc ${JAR_FILE} TigerVNC | |||
| ${JARSIGNER} ${ARGS} ${JAR_FILE} ${JAVA_KEY_ALIAS} | |||
| RESULT_VARIABLE RESULT OUTPUT_VARIABLE OUTPUT ERROR_VARIABLE ERROR) | |||
| if(NOT RESULT EQUAL 0) | |||
| message(FATAL_ERROR "${JARSIGNER} failed:\n${ERROR}") | |||
| endif() | |||
| file(REMOVE tigervnc.keystore) | |||
| if(EXISTS tigervnc.keystore) | |||
| file(REMOVE tigervnc.keystore) | |||
| endif() | |||
+ 3
- 0
java/com/tigervnc/vncviewer/MANIFEST.MF
View File
| @@ -1,2 +1,5 @@ | |||
| Manifest-Version: 1.0 | |||
| Main-Class: com.tigervnc.vncviewer.VncViewer | |||
| Application-Name: TigerVNC Viewer | |||
| Permissions: all-permissions | |||
| Codebase: * | |||
Loading…