From 8e894bf2b318046acdabe597a71b0ffa079256b6 Mon Sep 17 00:00:00 2001 From: Paixu Aabuizia Date: Mon, 3 Oct 2016 18:02:50 -0400 Subject: [pkg] reproducible windows installer for bitmask_client Port of paixu's original commit 0a5d24d64b5f637038a15b01bbe1b3d4bf4108f2 in the legacy bitmask_client repo. Refs: 0.9.1-85-g0a5d24d - provide a environment that allows automated builds of windows installers - prepare dockerized environment with wine, python, openssl, zlib and mingw to build windows binaries from python sourcecode - prepare dockerized environment with nullsoft installer to build installers from binaries - configure pyinstaller to build binaries - configure nsis to build distributable executables for bitmask - configure make all in pkg/windows that results in installers - add documentation - ico conversion from data/images - avoid polluting / in docker image - install dirspec and copy to wine env - remove obsolete comments - fix python path - figure out that pip install leap.a and pyinstalling a leap.b does not work - so the build script fixes that - rename dependencies to pyinstaller and move nsis code to installer - build openvpn, export the binaries for further processing - correct openvpn dependencies, fetch tap installer compatible with openvpn just built - install tap-driver with nsis - pyinstaller-build: fix mixed mkdir / show errors if there are some - installer-build: prepare rw-copy, do not expose nsh files - add openvpn_leap.exe to install directory so it gets picked up by nsis - use setup.py to install bitmask to site-packages to have a version - separate build directories for granular make - copy all openvpn dlls to installer - die to signal failure to parent makefile - cache installDependencies for quick turn-arround times - share openssl version between openvpn and pysqlcipher/other pip builds - collect files during prepare for installer - default to eip:false, mail:true - configuration in pyinstaller-build.sh - win64 tap drivers need special care getting removed from 32bit nsis - correct registry key that identifies if we installed TAP - extract version from git-tree, expose to wine python - create nsh with version for build installer - allow clean/dirty version with patches - cleanup / indent / remove comments - die when pysqlchipher patch failed - add psutil in mingw compatible version --- pkg/windows/pyinstaller/Dockerfile | 105 +++++++++++++++++++++ pkg/windows/pyinstaller/pysqlcipher_setup.py.patch | 14 +++ pkg/windows/pyinstaller/zlib-mingw-shared.patch | 10 ++ 3 files changed, 129 insertions(+) create mode 100644 pkg/windows/pyinstaller/Dockerfile create mode 100644 pkg/windows/pyinstaller/pysqlcipher_setup.py.patch create mode 100644 pkg/windows/pyinstaller/zlib-mingw-shared.patch (limited to 'pkg/windows/pyinstaller') diff --git a/pkg/windows/pyinstaller/Dockerfile b/pkg/windows/pyinstaller/Dockerfile new file mode 100644 index 0000000..2da0da3 --- /dev/null +++ b/pkg/windows/pyinstaller/Dockerfile @@ -0,0 +1,105 @@ +FROM debian:jessie +MAINTAINER paixu@0xn0.de + +ENV PYTHON_VERSION=2.7.11 +ENV OPENSSL_VERSION=1.0.2f +ENV ZLIB_VERSION=1.2.8 +ENV MINGW_VERSION=0.6.2-beta-20131004-1 +ENV MINGW_BIN_VERSION=0.6.2-mingw32-beta-20131004-1-bin +ENV WINEDEBUG=fixme-all + +###### +# install packages required to build +# https-transport: winehq deb +# winbind: pip install keyring (requirements.pip) needs this somehow +# git-core: clone rw copy of repo and build specific commit +# imagemagick: convert png to ico-files +RUN apt-get update && apt-get -y install \ + unzip curl apt-transport-https \ + winbind \ + build-essential autoconf bison gperf flex libtool mingw-w64 \ + git-core \ + imagemagick \ + pkg-config + +# install wine > 1.6.2 (debian:jessie version fails with pip) +RUN dpkg --add-architecture i386 \ + && curl https://dl.winehq.org/wine-builds/Release.key | apt-key add - \ + && echo 'deb https://dl.winehq.org/wine-builds/debian/ jessie main' >> /etc/apt/sources.list.d/wine.list \ + && apt-get update + +RUN curl https://www.python.org/ftp/python/${PYTHON_VERSION}/python-${PYTHON_VERSION}.msi > /tmp/python-${PYTHON_VERSION}.msi +RUN curl -L http://sourceforge.net/projects/mingw/files/Installer/mingw-get/mingw-get-${MINGW_VERSION}/mingw-get-${MINGW_BIN_VERSION}.zip/download > /tmp/mingw-get.zip + +# alternative with messy python afterwards +# RUN curl -L http://download.microsoft.com/download/7/9/6/796EF2E4-801B-4FC4-AB28-B59FBF6D907B/VCForPython27.msi > /tmp/msvcforpython27.msi + +RUN curl -L http://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz > /tmp/openssl-${OPENSSL_VERSION}.tar.gz +RUN apt-get install -y winehq-staging + +RUN curl -L http://sourceforge.net/projects/mingw/files/Installer/mingw-get/mingw-get-${MINGW_VERSION}/mingw-get-${MINGW_BIN_VERSION}.zip/download > /tmp/mingw-get.zip +RUN mkdir -p /root/.wine/drive_c/mingw \ + && unzip -d /root/.wine/drive_c/mingw /tmp/mingw-get.zip + +####### +# Build python dependency +# using the 'host' (linux) xcompiler instead of fiddeling in wine +# zlib - needs a update every 5 years +# adds a patch that makes a shared lib - default is static +RUN curl -L http://zlib.net/zlib-${ZLIB_VERSION}.tar.gz > /tmp/zlib-${ZLIB_VERSION}.tar.gz +ADD zlib-mingw-shared.patch /zlib-mingw-shared.patch +RUN mkdir -p /root/.wine/drive_c/zlib/src \ + && mv /tmp/zlib-${ZLIB_VERSION}.tar.gz /root/.wine/drive_c/zlib/src \ + && cd /root/.wine/drive_c/zlib/src \ + && tar xzf zlib-${ZLIB_VERSION}.tar.gz \ + && cd zlib-${ZLIB_VERSION} \ + && patch -p0 < /zlib-mingw-shared.patch \ + && make -f win32/Makefile.gcc PREFIX=/usr/bin/i686-w64-mingw32- \ + && make -f win32/Makefile.gcc INCLUDE_PATH=/root/.wine/drive_c/zlib/include LIBRARY_PATH=/root/.wine/drive_c/zlib/lib BINARY_PATH=/root/.wine/drive_c/zlib/bin install + +###### +# install gcc for most pip builds +# install g++ for pycryptopp +# this is mingw in wine, not to get confused with mingw-w64 in container-host +RUN wine msiexec -i /tmp/python-${PYTHON_VERSION}.msi -q \ + && wine c:/mingw/bin/mingw-get.exe install gcc g++ mingw32-make \ + && rm -r /tmp/.wine-0 + +#### +# pip configuration +# set wine mingw compiler to be used by "python setup build" +# set default include dirs, libraries and library paths +# the libraries=crypto is added because srp will only link using -lssl but links to BN_* (libcrypto) code +# 'install' zlib to mingw so python may find its dlls +# pyside-rcc fix (https://srinikom.github.io/pyside-bz-archive/670.html) +RUN printf "[build]\ncompiler=mingw32\n\n[build_ext]\ninclude_dirs=c:\\openssl\\include;c:\\zlib\\include\nlibraries=crypto\nlibrary_dirs=c:\\openssl\\lib;c:\\openssl\\bin;c:\\zlib\\lib;c:\\zlib\\bin" > /root/.wine/drive_c/Python27/Lib/distutils/distutils.cfg \ + && printf 'REGEDIT4\n\n[HKEY_CURRENT_USER\\Environment]\n"PATH"="C:\\\\python27;C:\\\\python27\\\\Scripts;C:\\\\python27\\\\Lib\\\\site-packages\\\\PySide;C:\\\\mingw\\\\bin;c:\\\\windows;c:\\\\windows\\\\system"' > /root/.wine/drive_c/path.reg \ + && printf 'REGEDIT4\n\n[HKEY_CURRENT_USER\\Environment]\n"OPENSSL_CONF"="C:\\\\openssl"' > /root/.wine/drive_c/openssl_conf.reg \ + && printf 'REGEDIT4\n\n[HKEY_CURRENT_USER\\Environment]\n"PYTHONPATH"="C:\\\\python27\\\\lib\\\\site-packages;Z:\\\\var\\\\build\\\\bitmask_rw\\\\src"' > /root/.wine/drive_c/pythonpath.reg \ + && cp /root/.wine/drive_c/zlib/bin/zlib1.dll /root/.wine/drive_c/mingw/bin \ + && cp /root/.wine/drive_c/zlib/lib/libz.dll.a /root/.wine/drive_c/mingw/lib + +#### +# prepare the environment with all python dependencies installed +# inject dirspec from distribution +# +RUN apt-get install -y python-dirspec \ + && cp -r /usr/lib/python2.7/dist-packages/dirspec* /root/.wine/drive_c/Python27/Lib/site-packages/ +RUN apt-get install -y python-setuptools +RUN wine regedit /root/.wine/drive_c/path.reg \ + && wine regedit /root/.wine/drive_c/openssl_conf.reg \ + && wine regedit /root/.wine/drive_c/pythonpath.reg \ + && wine pip install virtualenv pyinstaller \ + && wine pip install wheel \ + && wine pip install -U setuptools-scm \ + && wine pip install -U setuptools_scm \ + && wine pip install -U pyside python-qt \ + && wine pip install -I psutil==3.4.2 \ + && rm -r /tmp/.wine-0 + +# alternative msvc: after python is installed (or before?) +# && wine msiexec -i /tmp/msvcforpython27.msi -q \ + +RUN apt-get -y install \ + mc +ENTRYPOINT ["/var/src/bitmask/pkg/windows/pyinstaller-build.sh"] \ No newline at end of file diff --git a/pkg/windows/pyinstaller/pysqlcipher_setup.py.patch b/pkg/windows/pyinstaller/pysqlcipher_setup.py.patch new file mode 100644 index 0000000..dcec54f --- /dev/null +++ b/pkg/windows/pyinstaller/pysqlcipher_setup.py.patch @@ -0,0 +1,14 @@ +--- setup.py.org 2014-11-12 16:38:07.000000000 +0000 ++++ setup.py 2016-01-23 14:08:13.255261595 +0000 +@@ -192,10 +192,7 @@ + ext.define_macros.append(("inline", "__inline")) + + # Configure the linker +- ext.extra_link_args.append("libeay32.lib") +- ext.extra_link_args.append( +- "/LIBPATH:" + os.path.join(openssl, "lib") +- ) ++ ext.extra_link_args.append("-lcrypto") + else: + ext.extra_link_args.append("-lcrypto") + diff --git a/pkg/windows/pyinstaller/zlib-mingw-shared.patch b/pkg/windows/pyinstaller/zlib-mingw-shared.patch new file mode 100644 index 0000000..1b980cb --- /dev/null +++ b/pkg/windows/pyinstaller/zlib-mingw-shared.patch @@ -0,0 +1,10 @@ +diff -Naur ../zlib-1.2.8-org/win32/Makefile.gcc ./win32/Makefile.gcc +--- ../zlib-1.2.8-org/win32/Makefile.gcc 2008-10-23 17:44:36.000000000 +0000 ++++ ./win32/Makefile.gcc 2015-12-06 19:20:00.449471787 +0000 +@@ -37,6 +37,6 @@ + # Set to 1 if shared object needs to be installed + # +-SHARED_MODE=0 ++SHARED_MODE=1 + + #LOC = -DASMV \ No newline at end of file -- cgit v1.2.3