From f1f1a124df59e8639c2bcbfa7d3a4b37fb348bb7 Mon Sep 17 00:00:00 2001 From: Bob Arnson Date: Sun, 31 Jan 2021 19:28:47 -0500 Subject: Remove Burn Authenticode Fixes https://github.com/wixtoolset/issues/issues/6301 --- src/engine/cache.cpp | 252 +---------------------------- src/engine/cache.h | 7 +- src/engine/catalog.cpp | 180 --------------------- src/engine/catalog.h | 56 ------- src/engine/core.cpp | 4 - src/engine/core.h | 1 - src/engine/engine.cpp | 1 - src/engine/engine.vcxproj | 18 +-- src/engine/manifest.cpp | 6 +- src/engine/payload.cpp | 33 ---- src/engine/payload.h | 6 - src/engine/precomp.h | 1 - src/engine/userexperience.cpp | 2 +- src/stub/stub.vcxproj | 4 +- src/test/BurnUnitTest/BurnUnitTest.vcxproj | 2 +- src/test/BurnUnitTest/precomp.h | 1 - 16 files changed, 12 insertions(+), 562 deletions(-) delete mode 100644 src/engine/catalog.cpp delete mode 100644 src/engine/catalog.h diff --git a/src/engine/cache.cpp b/src/engine/cache.cpp index 315281bc..92a79eb9 100644 --- a/src/engine/cache.cpp +++ b/src/engine/cache.cpp @@ -94,15 +94,6 @@ static HRESULT VerifyHash( __in_z LPCWSTR wzUnverifiedPayloadPath, __in HANDLE hFile ); -static HRESULT VerifyPayloadWithCatalog( - __in BURN_PAYLOAD* pPayload, - __in_z LPCWSTR wzUnverifiedPayloadPath, - __in HANDLE hFile - ); -static HRESULT VerifyPayloadAgainstChain( - __in BURN_PAYLOAD* pPayload, - __in PCCERT_CHAIN_CONTEXT pChainContext - ); extern "C" HRESULT CacheInitialize( @@ -189,7 +180,7 @@ LExit: } extern "C" HRESULT CacheEnsureWorkingFolder( - __in_z LPCWSTR wzBundleId, + __in_z_opt LPCWSTR wzBundleId, __deref_out_z_opt LPWSTR* psczWorkingFolder ) { 
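Review bot: The SAL annotation on `wzBundleId` in `CacheEnsureWorkingFolder` now differs between definition and prototype. This hunk in cache.cpp relaxes it to `__in_z_opt`, while the cache.h hunk later in the same commit changes the prototype from `__in` to `__in_z`. The two should state one contract: if NULL is a supported argument, the header line should read `__in_z_opt LPCWSTR wzBundleId,`; otherwise the definition should stay `__in_z`. The function body is outside the hunk, so whether a NULL bundle id is actually handled cannot be confirmed from this page.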
@@ -964,56 +955,6 @@ LExit: return hr; } -extern "C" HRESULT CacheVerifyPayloadSignature( - __in BURN_PAYLOAD* pPayload, - __in_z LPCWSTR wzUnverifiedPayloadPath, - __in HANDLE hFile - ) -{ - HRESULT hr = S_OK; - LONG er = ERROR_SUCCESS; - - GUID guidAuthenticode = WINTRUST_ACTION_GENERIC_VERIFY_V2; - WINTRUST_FILE_INFO wfi = { }; - WINTRUST_DATA wtd = { }; - CRYPT_PROVIDER_DATA* pProviderData = NULL; - CRYPT_PROVIDER_SGNR* pSigner = NULL; - - // Verify the payload assuming online. - wfi.cbStruct = sizeof(wfi); - wfi.pcwszFilePath = wzUnverifiedPayloadPath; - wfi.hFile = hFile; - - wtd.cbStruct = sizeof(wtd); - wtd.dwUnionChoice = WTD_CHOICE_FILE; - wtd.pFile = &wfi; - wtd.dwStateAction = WTD_STATEACTION_VERIFY; - wtd.dwProvFlags = WTD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT; - wtd.dwUIChoice = WTD_UI_NONE; - - er = ::WinVerifyTrust(static_cast(INVALID_HANDLE_VALUE), &guidAuthenticode, &wtd); - if (er) - { - // Verify the payload assuming offline. - wtd.dwProvFlags |= WTD_CACHE_ONLY_URL_RETRIEVAL; - - er = ::WinVerifyTrust(static_cast(INVALID_HANDLE_VALUE), &guidAuthenticode, &wtd); - ExitOnWin32Error(er, hr, "Failed authenticode verification of payload: %ls", wzUnverifiedPayloadPath); - } - - pProviderData = WTHelperProvDataFromStateData(wtd.hWVTStateData); - ExitOnNullWithLastError(pProviderData, hr, "Failed to get provider state from authenticode certificate."); - - pSigner = WTHelperGetProvSignerFromChain(pProviderData, 0, FALSE, 0); - ExitOnNullWithLastError(pSigner, hr, "Failed to get signer chain from authenticode certificate."); - - hr = VerifyPayloadAgainstChain(pPayload, pSigner->pChainContext); - ExitOnFailure(hr, "Failed to verify expected payload against actual certificate chain."); - -LExit: - return hr; -} - extern "C" void CacheCleanup( __in BOOL fPerMachine, __in_z LPCWSTR wzBundleId 
@@ -1098,7 +1039,7 @@ extern "C" void CacheUninitialize() // Internal functions. static HRESULT CalculateWorkingFolder( - __in_z LPCWSTR /*wzBundleId*/, + __in_z_opt LPCWSTR /*wzBundleId*/, __deref_out_z LPWSTR* psczWorkingFolder ) { @@ -1387,18 +1328,7 @@ static HRESULT VerifyThenTransferPayload( ExitWithLastError(hr, "Failed to open payload in working path: %ls", wzUnverifiedPayloadPath); } - // If the payload has a certificate root public key identifier provided, verify the certificate. - if (pPayload->pbCertificateRootPublicKeyIdentifier) - { - hr = CacheVerifyPayloadSignature(pPayload, wzUnverifiedPayloadPath, hFile); - ExitOnFailure(hr, "Failed to verify payload signature: %ls", wzCachedPath); - } - else if (pPayload->pCatalog) // If catalog files are specified, attempt to verify the file with a catalog file - { - hr = VerifyPayloadWithCatalog(pPayload, wzUnverifiedPayloadPath, hFile); - ExitOnFailure(hr, "Failed to verify payload signature: %ls", wzCachedPath); - } - else if (pPayload->pbHash) // the payload should have a hash we can use to verify it. + if (pPayload->pbHash) // the payload should have a hash we can use to verify it. { hr = VerifyHash(pPayload->pbHash, pPayload->cbHash, wzUnverifiedPayloadPath, hFile); ExitOnFailure(hr, "Failed to verify payload hash: %ls", wzCachedPath); 
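Review bot: With the signature and catalog branches removed, `if (pPayload->pbHash)` in `VerifyThenTransferPayload` is the only integrity check left on the payload, and a payload whose `pbHash` is null still passes unverified unless code outside this hunk rejects it. The same guard appears in `VerifyFileAgainstPayload` in the next hunk. The payload.cpp context lines in this commit show `@Hash` is required at parse time, so the null case may be unreachable for manifest payloads, but failing closed would make that explicit: `else { hr = E_INVALIDDATA; ExitOnRootFailure(hr, "Payload has no hash to verify: %ls", pPayload->sczKey); }`. Both function bodies continue beyond their hunks.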
@@ -1466,18 +1396,7 @@ static HRESULT VerifyFileAgainstPayload( ExitOnRootFailure(hr, "Failed to open payload at path: %ls", wzVerifyPath); } - // If the payload has a certificate root public key identifier provided, verify the certificate. - if (pPayload->pbCertificateRootPublicKeyIdentifier) - { - hr = CacheVerifyPayloadSignature(pPayload, wzVerifyPath, hFile); - ExitOnFailure(hr, "Failed to verify signature of payload: %ls", pPayload->sczKey); - } - else if (pPayload->pCatalog) // If catalog files are specified, attempt to verify the file with a catalog file - { - hr = VerifyPayloadWithCatalog(pPayload, wzVerifyPath, hFile); - ExitOnFailure(hr, "Failed to verify catalog signature of payload: %ls", pPayload->sczKey); - } - else if (pPayload->pbHash) // the payload should have a hash we can use to verify it. + if (pPayload->pbHash) // the payload should have a hash we can use to verify it. { hr = VerifyHash(pPayload->pbHash, pPayload->cbHash, wzVerifyPath, hFile); ExitOnFailure(hr, "Failed to verify hash of payload: %ls", pPayload->sczKey); @@ -1517,7 +1436,7 @@ LExit: static HRESULT ResetPathPermissions( __in BOOL fPerMachine, - __in LPCWSTR wzPath + __in_z LPCWSTR wzPath ) { HRESULT hr = S_OK; 
@@ -1863,164 +1782,3 @@ LExit: return hr; } - -static HRESULT VerifyPayloadWithCatalog( - __in BURN_PAYLOAD* pPayload, - __in_z LPCWSTR wzUnverifiedPayloadPath, - __in HANDLE hFile - ) -{ - HRESULT hr = S_FALSE; - DWORD er = ERROR_SUCCESS; - WINTRUST_DATA WinTrustData = { }; - WINTRUST_CATALOG_INFO WinTrustCatalogInfo = { }; - GUID gSubSystemDriver = WINTRUST_ACTION_GENERIC_VERIFY_V2; - LPWSTR sczLowerCaseFile = NULL; - LPWSTR pCurrent = NULL; - LPWSTR sczName = NULL; - DWORD dwHashSize = 0; - DWORD dwTagSize; - LPBYTE pbHash = NULL; - - // Get lower case file name. Older operating systems need a lower case file - // to match in the catalog - hr = StrAllocString(&sczLowerCaseFile, wzUnverifiedPayloadPath, 0); - ExitOnFailure(hr, "Failed to allocate memory"); - - // Go through each character doing the lower case of each letter - pCurrent = sczLowerCaseFile; - while ('\0' != *pCurrent) - { - *pCurrent = (WCHAR)_tolower(*pCurrent); - pCurrent++; - } - - // Get file hash - CryptCATAdminCalcHashFromFileHandle(hFile, &dwHashSize, pbHash, 0); - er = ::GetLastError(); - if (ERROR_INSUFFICIENT_BUFFER == er) - { - pbHash = (LPBYTE)MemAlloc(dwHashSize, TRUE); - if (!CryptCATAdminCalcHashFromFileHandle(hFile, &dwHashSize, pbHash, 0)) - { - ExitWithLastError(hr, "Failed to get file hash."); - } - } - else - { - ExitOnWin32Error(er, hr, "Failed to get file hash."); - } - - // Make the hash into a string. This is the member tag for the catalog - dwTagSize = (dwHashSize * 2) + 1; - hr = StrAlloc(&sczName, dwTagSize); - ExitOnFailure(hr, "Failed to allocate string."); - hr = StrHexEncode(pbHash, dwHashSize, sczName, dwTagSize); - ExitOnFailure(hr, "Failed to encode file hash."); - - // Set up the WinVerifyTrust structures assuming online. 
- WinTrustData.cbStruct = sizeof(WINTRUST_DATA); - WinTrustData.dwUIChoice = WTD_UI_NONE; - WinTrustData.dwUnionChoice = WTD_CHOICE_CATALOG; - WinTrustData.dwStateAction = WTD_STATEACTION_VERIFY; - WinTrustData.dwProvFlags = WTD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT; - WinTrustData.pCatalog = &WinTrustCatalogInfo; - - WinTrustCatalogInfo.cbStruct = sizeof(WINTRUST_CATALOG_INFO); - WinTrustCatalogInfo.pbCalculatedFileHash = pbHash; - WinTrustCatalogInfo.cbCalculatedFileHash = dwHashSize; - WinTrustCatalogInfo.hMemberFile = hFile; - WinTrustCatalogInfo.pcwszMemberTag = sczName; - WinTrustCatalogInfo.pcwszMemberFilePath = sczLowerCaseFile; - WinTrustCatalogInfo.pcwszCatalogFilePath = pPayload->pCatalog->sczLocalFilePath; - - hr = ::WinVerifyTrust(static_cast(INVALID_HANDLE_VALUE), &gSubSystemDriver, &WinTrustData); - if (hr) - { - // Set up the WinVerifyTrust structures assuming online. - WinTrustData.dwProvFlags |= WTD_CACHE_ONLY_URL_RETRIEVAL; - - er = ::WinVerifyTrust(static_cast(INVALID_HANDLE_VALUE), &gSubSystemDriver, &WinTrustData); - - // WinVerifyTrust returns 0 for success, a few different Win32 error codes if it can't - // find the provider, and any other error code is provider specific, so may not - // be an actual Win32 error code - ExitOnWin32Error(er, hr, "Could not verify file %ls.", wzUnverifiedPayloadPath); - } - - // Need to close the WinVerifyTrust action - WinTrustData.dwStateAction = WTD_STATEACTION_CLOSE; - er = ::WinVerifyTrust(static_cast(INVALID_HANDLE_VALUE), &gSubSystemDriver, &WinTrustData); - ExitOnWin32Error(er, hr, "Could not close verify handle."); - -LExit: - ReleaseStr(sczLowerCaseFile); - ReleaseStr(sczName); - ReleaseMem(pbHash); - - return hr; -} - -static HRESULT VerifyPayloadAgainstChain( - __in BURN_PAYLOAD* pPayload, - __in PCCERT_CHAIN_CONTEXT pChainContext - ) -{ - HRESULT hr = S_OK; - PCCERT_CONTEXT pChainElementCertContext = NULL; - - BYTE rgbPublicKeyIdentifier[SHA1_HASH_LEN] = { }; - DWORD cbPublicKeyIdentifier = 
sizeof(rgbPublicKeyIdentifier); - BYTE* pbThumbprint = NULL; - DWORD cbThumbprint = 0; - - // Walk up the chain looking for a certificate in the chain that matches our expected public key identifier - // and thumbprint (if a thumbprint was provided). - HRESULT hrChainVerification = E_NOTFOUND; // assume we won't find a match. - for (DWORD i = 0; i < pChainContext->rgpChain[0]->cElement; ++i) - { - pChainElementCertContext = pChainContext->rgpChain[0]->rgpElement[i]->pCertContext; - - // Get the certificate's public key identifier. - if (!::CryptHashPublicKeyInfo(NULL, CALG_SHA1, 0, X509_ASN_ENCODING, &pChainElementCertContext->pCertInfo->SubjectPublicKeyInfo, rgbPublicKeyIdentifier, &cbPublicKeyIdentifier)) - { - ExitWithLastError(hr, "Failed to get certificate public key identifier."); - } - - // Compare the certificate's public key identifier with the payload's public key identifier. If they - // match, we're one step closer to the a positive result. - if (pPayload->cbCertificateRootPublicKeyIdentifier == cbPublicKeyIdentifier && - 0 == memcmp(pPayload->pbCertificateRootPublicKeyIdentifier, rgbPublicKeyIdentifier, cbPublicKeyIdentifier)) - { - // If the payload specified a thumbprint for the certificate, verify it. - if (pPayload->pbCertificateRootThumbprint) - { - hr = CertReadProperty(pChainElementCertContext, CERT_SHA1_HASH_PROP_ID, &pbThumbprint, &cbThumbprint); - ExitOnFailure(hr, "Failed to read certificate thumbprint."); - - if (pPayload->cbCertificateRootThumbprint == cbThumbprint && - 0 == memcmp(pPayload->pbCertificateRootThumbprint, pbThumbprint, cbThumbprint)) - { - // If we got here, we found that our payload public key identifier and thumbprint - // matched an element in the certficate chain. - hrChainVerification = S_OK; - break; - } - - ReleaseNullMem(pbThumbprint); - } - else // no thumbprint match necessary so we're good to go. 
- { - hrChainVerification = S_OK; - break; - } - } - } - hr = hrChainVerification; - ExitOnFailure(hr, "Failed to find expected public key in certificate chain."); - -LExit: - ReleaseMem(pbThumbprint); - - return hr; -} diff --git a/src/engine/cache.h b/src/engine/cache.h index 95e6cb90..f8ad2a90 100644 --- a/src/engine/cache.h +++ b/src/engine/cache.h @@ -16,7 +16,7 @@ HRESULT CacheInitialize( __in_z_opt LPCWSTR wzSourceProcessPath ); HRESULT CacheEnsureWorkingFolder( - __in LPCWSTR wzBundleId, + __in_z LPCWSTR wzBundleId, __deref_out_z_opt LPWSTR* psczWorkingFolder ); HRESULT CacheCalculateBundleWorkingPath( @@ -134,11 +134,6 @@ HRESULT CacheRemovePackage( __in_z LPCWSTR wzPackageId, __in_z LPCWSTR wzCacheId ); -HRESULT CacheVerifyPayloadSignature( - __in BURN_PAYLOAD* pPayload, - __in_z LPCWSTR wzUnverifiedPayloadPath, - __in HANDLE hFile - ); void CacheCleanup( __in BOOL fPerMachine, __in_z LPCWSTR wzBundleId diff --git a/src/engine/catalog.cpp b/src/engine/catalog.cpp deleted file mode 100644 index da086545..00000000 --- a/src/engine/catalog.cpp +++ /dev/null 
@@ -1,180 +0,0 @@ -// Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. - -#include "precomp.h" - - -// function definitions - -extern "C" HRESULT CatalogsParseFromXml( - __in BURN_CATALOGS* pCatalogs, - __in IXMLDOMNode* pixnBundle - ) -{ - HRESULT hr = S_OK; - IXMLDOMNodeList* pixnNodes = NULL; - IXMLDOMNode* pixnNode = NULL; - DWORD cNodes = 0; - LPWSTR scz = NULL; - - // select catalog nodes - hr = XmlSelectNodes(pixnBundle, L"Catalog", &pixnNodes); - ExitOnFailure(hr, "Failed to select catalog nodes."); - - // get catalog node count - hr = pixnNodes->get_length((long*)&cNodes); - ExitOnFailure(hr, "Failed to get payload node count."); - if (!cNodes) - { - ExitFunction(); - } - - // allocate memory for catalogs - pCatalogs->rgCatalogs = (BURN_CATALOG*)MemAlloc(sizeof(BURN_CATALOG) * cNodes, TRUE); - ExitOnNull(pCatalogs->rgCatalogs, hr, E_OUTOFMEMORY, "Failed to allocate memory for payload structs."); - - pCatalogs->cCatalogs = cNodes; - - // parse catalog elements - for (DWORD i = 0; i < cNodes; ++i) - { - BURN_CATALOG* pCatalog = &pCatalogs->rgCatalogs[i]; - pCatalog->hFile = INVALID_HANDLE_VALUE; - - hr = XmlNextElement(pixnNodes, &pixnNode, NULL); - ExitOnFailure(hr, "Failed to get next node."); - - // @Id - hr = XmlGetAttributeEx(pixnNode, L"Id", &pCatalog->sczKey); - ExitOnFailure(hr, "Failed to get @Id."); - - // @Payload - hr = XmlGetAttributeEx(pixnNode, L"Payload", &pCatalog->sczPayload); - ExitOnFailure(hr, "Failed to get @Payload."); - - // prepare next iteration - ReleaseNullObject(pixnNode); - } - -LExit: - ReleaseObject(pixnNodes); - ReleaseObject(pixnNode); - ReleaseStr(scz); - - return hr; -} - -extern "C" HRESULT CatalogFindById( - __in BURN_CATALOGS* pCatalogs, - __in_z LPCWSTR wzId, - __out BURN_CATALOG** ppCatalog - ) -{ - HRESULT hr = S_OK; - BURN_CATALOG* pCatalog = NULL; - - for (DWORD i = 0; i < 
pCatalogs->cCatalogs; ++i) - { - pCatalog = &pCatalogs->rgCatalogs[i]; - - if (CSTR_EQUAL == ::CompareStringW(LOCALE_INVARIANT, 0, pCatalog->sczKey, -1, wzId, -1)) - { - *ppCatalog = pCatalog; - ExitFunction1(hr = S_OK); - } - } - - hr = E_NOTFOUND; - -LExit: - return hr; -} - -extern "C" HRESULT CatalogLoadFromPayload( - __in BURN_CATALOGS* pCatalogs, - __in BURN_PAYLOADS* pPayloads - ) -{ - HRESULT hr = S_OK; - BURN_CATALOG* pCatalog = NULL; - BURN_PAYLOAD* pPayload = NULL; - - // go through each catalog file - for (DWORD i = 0; i < pCatalogs->cCatalogs; i++) - { - pCatalog = &pCatalogs->rgCatalogs[i]; - - // get the payload for this catalog file - hr = PayloadFindById(pPayloads, pCatalog->sczPayload, &pPayload); - ExitOnFailure(hr, "Failed to find payload for catalog file."); - - // Get the local file name - hr = StrAllocString(&pCatalog->sczLocalFilePath, pPayload->sczLocalFilePath, 0); - ExitOnFailure(hr, "Failed to get catalog local file path"); - - // Get a handle to the file - pCatalog->hFile = ::CreateFileW(pCatalog->sczLocalFilePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_FLAG_SEQUENTIAL_SCAN, NULL); - if (INVALID_HANDLE_VALUE == pCatalog->hFile) - { - ExitWithLastError(hr, "Failed to open catalog in working path: %ls", pCatalog->sczLocalFilePath); - } - - // Verify the catalog file - hr = CacheVerifyPayloadSignature(pPayload, pCatalog->sczLocalFilePath, pCatalog->hFile); - ExitOnFailure(hr, "Failed to verify catalog signature: %ls", pCatalog->sczLocalFilePath); - } - -LExit: - return hr; -} - -extern "C" HRESULT CatalogElevatedUpdateCatalogFile( - __in BURN_CATALOGS* pCatalogs, - __in_z LPCWSTR wzId, - __in_z LPCWSTR wzPath - ) -{ - HRESULT hr = S_OK; - BURN_CATALOG* pCatalog = NULL; - - // Find the catalog - hr = CatalogFindById(pCatalogs, wzId, &pCatalog); - ExitOnFailure(hr, "Failed to locate catalog information."); - - if (NULL == pCatalog->sczLocalFilePath) - { - hr = StrAllocString(&pCatalog->sczLocalFilePath, 
wzPath, 0); - ExitOnFailure(hr, "Failed to allocated catalog path."); - - // Get a handle to the file - pCatalog->hFile = ::CreateFileW(pCatalog->sczLocalFilePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_FLAG_SEQUENTIAL_SCAN, NULL); - if (INVALID_HANDLE_VALUE == pCatalog->hFile) - { - ExitWithLastError(hr, "Failed to open catalog in working path: %ls", pCatalog->sczLocalFilePath); - } - } - -LExit: - return hr; -} - -extern "C" void CatalogUninitialize( - __in BURN_CATALOGS* pCatalogs - ) -{ - if (pCatalogs->rgCatalogs) - { - for (DWORD i = 0; i < pCatalogs->cCatalogs; ++i) - { - BURN_CATALOG* pCatalog = &pCatalogs->rgCatalogs[i]; - - ReleaseHandle(pCatalog->hFile); - ReleaseStr(pCatalog->sczKey); - ReleaseStr(pCatalog->sczLocalFilePath); - ReleaseStr(pCatalog->sczPayload); - } - MemFree(pCatalogs->rgCatalogs); - } - - // clear struct - memset(pCatalogs, 0, sizeof(BURN_CATALOGS)); -} diff --git a/src/engine/catalog.h b/src/engine/catalog.h deleted file mode 100644 index 3a87d0d2..00000000 --- a/src/engine/catalog.h +++ /dev/null 
@@ -1,56 +0,0 @@ -#pragma once -// Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. - - -#if defined(__cplusplus) -extern "C" { -#endif - -// structs - -typedef struct _BURN_CATALOG -{ - LPWSTR sczKey; - LPWSTR sczPayload; - - // mutable members - LPWSTR sczLocalFilePath; // location of extracted or downloaded copy - HANDLE hFile; -} BURN_CATALOG; - -typedef struct _BURN_CATALOGS -{ - BURN_CATALOG* rgCatalogs; - DWORD cCatalogs; -} BURN_CATALOGS; - -typedef struct _BURN_PAYLOADS BURN_PAYLOADS; - - -// functions - -HRESULT CatalogsParseFromXml( - __in BURN_CATALOGS* pCatalogs, - __in IXMLDOMNode* pixnBundle - ); -HRESULT CatalogFindById( - __in BURN_CATALOGS* pCatalogs, - __in_z LPCWSTR wzId, - __out BURN_CATALOG** ppCatalog - ); -HRESULT CatalogLoadFromPayload( - __in BURN_CATALOGS* pCatalogs, - __in BURN_PAYLOADS* pPayloads - ); -HRESULT CatalogElevatedUpdateCatalogFile( - __in BURN_CATALOGS* pCatalogs, - __in_z LPCWSTR wzId, - __in_z LPCWSTR wzPath - ); -void CatalogUninitialize( - __in BURN_CATALOGS* pCatalogs - ); - -#if defined(__cplusplus) -} -#endif diff --git a/src/engine/core.cpp b/src/engine/core.cpp index 5b2454dc..0f5ea08a 100644 --- a/src/engine/core.cpp +++ b/src/engine/core.cpp 
@@ -151,10 +151,6 @@ extern "C" HRESULT CoreInitialize( hr = PayloadExtractFromContainer(&pEngineState->userExperience.payloads, NULL, &containerContext, pEngineState->userExperience.sczTempDirectory); ExitOnFailure(hr, "Failed to extract bootstrapper application payloads."); - // Load the catalog files as soon as they are extracted. - hr = CatalogLoadFromPayload(&pEngineState->catalogs, &pEngineState->userExperience.payloads); - ExitOnFailure(hr, "Failed to load catalog files."); - hr = PathConcat(pEngineState->userExperience.sczTempDirectory, L"BootstrapperApplicationData.xml", &pEngineState->command.wzBootstrapperApplicationDataPath); ExitOnFailure(hr, "Failed to get BootstrapperApplicationDataPath."); diff --git a/src/engine/core.h b/src/engine/core.h index 544c1786..0161eaa0 100644 --- a/src/engine/core.h +++ b/src/engine/core.h @@ -98,7 +98,6 @@ typedef struct _BURN_ENGINE_STATE BURN_USER_EXPERIENCE userExperience; BURN_REGISTRATION registration; BURN_CONTAINERS containers; - BURN_CATALOGS catalogs; BURN_PAYLOADS payloads; BURN_PACKAGES packages; BURN_UPDATE update; diff --git a/src/engine/engine.cpp b/src/engine/engine.cpp index 3dbfb365..9eee7fde 100644 --- a/src/engine/engine.cpp +++ b/src/engine/engine.cpp @@ -400,7 +400,6 @@ static void UninitializeEngineState( RegistrationUninitialize(&pEngineState->registration); PayloadsUninitialize(&pEngineState->payloads); PackagesUninitialize(&pEngineState->packages); - CatalogUninitialize(&pEngineState->catalogs); SectionUninitialize(&pEngineState->section); ContainersUninitialize(&pEngineState->containers); diff --git a/src/engine/engine.vcxproj b/src/engine/engine.vcxproj index 3db6802b..cb179a23 100644 --- a/src/engine/engine.vcxproj +++ b/src/engine/engine.vcxproj @@ -1,9 +1,7 @@ - - Debug @@ -30,7 +28,6 @@ ARM64 - {8119537D-E1D9-6591-D51A-49768A2F9C37} StaticLibrary @@ -39,22 +36,17 @@ Unicode Native component of WixToolset.Burn - - - - - @@ -95,7 +87,6 @@ - @@ -107,7 +98,6 @@ - 
@@ -145,11 +135,9 @@ - - Compiling message file... @@ -158,10 +146,7 @@ rc.exe -fo "$(OutDir)engine.res" "$(IntDir)engine.messages.rc" $(IntDir)engine.messages.h;$(IntDir)engine.messages.rc;$(OutDir)engine.res - - + $(MajorMinorVersion.Split(`.`)[0]) $(MajorMinorVersion.Split(`.`)[1]) @@ -176,7 +161,6 @@ rc.exe -fo "$(OutDir)engine.res" "$(IntDir)engine.messages.rc" - diff --git a/src/engine/manifest.cpp b/src/engine/manifest.cpp index fe8c6cad..fa454348 100644 --- a/src/engine/manifest.cpp +++ b/src/engine/manifest.cpp @@ -132,10 +132,6 @@ static HRESULT ParseFromXml( hr = SearchesParseFromXml(&pEngineState->searches, &pEngineState->extensions, pixeBundle); ExitOnFailure(hr, "Failed to parse searches."); - // parse catalog files - hr = CatalogsParseFromXml(&pEngineState->catalogs, pixeBundle); - ExitOnFailure(hr, "Failed to parse catalog files."); - // parse registration hr = RegistrationParseFromXml(&pEngineState->registration, pixeBundle); ExitOnFailure(hr, "Failed to parse registration."); @@ -149,7 +145,7 @@ static HRESULT ParseFromXml( ExitOnFailure(hr, "Failed to parse containers."); // parse payloads - hr = PayloadsParseFromXml(&pEngineState->payloads, &pEngineState->containers, &pEngineState->catalogs, pixeBundle); + hr = PayloadsParseFromXml(&pEngineState->payloads, &pEngineState->containers, pixeBundle); ExitOnFailure(hr, "Failed to parse payloads."); // parse packages diff --git a/src/engine/payload.cpp b/src/engine/payload.cpp index 6833288f..67eebe10 100644 --- a/src/engine/payload.cpp +++ b/src/engine/payload.cpp @@ -18,7 +18,6 @@ static HRESULT FindEmbeddedBySourcePath( extern "C" HRESULT PayloadsParseFromXml( __in BURN_PAYLOADS* pPayloads, __in_opt BURN_CONTAINERS* pContainers, - __in_opt BURN_CATALOGS* pCatalogs, __in IXMLDOMNode* pixnBundle ) { 
@@ -130,26 +129,6 @@ extern "C" HRESULT PayloadsParseFromXml( ExitOnFailure(hr, "Failed to parse @FileSize."); } - // @CertificateAuthorityKeyIdentifier - hr = XmlGetAttributeEx(pixnNode, L"CertificateRootPublicKeyIdentifier", &scz); - if (E_NOTFOUND != hr) - { - ExitOnFailure(hr, "Failed to get @CertificateRootPublicKeyIdentifier."); - - hr = StrAllocHexDecode(scz, &pPayload->pbCertificateRootPublicKeyIdentifier, &pPayload->cbCertificateRootPublicKeyIdentifier); - ExitOnFailure(hr, "Failed to hex decode @CertificateRootPublicKeyIdentifier."); - } - - // @CertificateThumbprint - hr = XmlGetAttributeEx(pixnNode, L"CertificateRootThumbprint", &scz); - if (E_NOTFOUND != hr) - { - ExitOnFailure(hr, "Failed to get @CertificateRootThumbprint."); - - hr = StrAllocHexDecode(scz, &pPayload->pbCertificateRootThumbprint, &pPayload->cbCertificateRootThumbprint); - ExitOnFailure(hr, "Failed to hex decode @CertificateRootThumbprint."); - } - // @Hash hr = XmlGetAttributeEx(pixnNode, L"Hash", &scz); ExitOnFailure(hr, "Failed to get @Hash."); @@ -157,16 +136,6 @@ extern "C" HRESULT PayloadsParseFromXml( hr = StrAllocHexDecode(scz, &pPayload->pbHash, &pPayload->cbHash); ExitOnFailure(hr, "Failed to hex decode the Payload/@Hash."); - // @Catalog - hr = XmlGetAttributeEx(pixnNode, L"Catalog", &scz); - if (E_NOTFOUND != hr) - { - ExitOnFailure(hr, "Failed to get @Catalog."); - - hr = CatalogFindById(pCatalogs, scz, &pPayload->pCatalog); - ExitOnFailure(hr, "Failed to find catalog."); - } - // prepare next iteration ReleaseNullObject(pixnNode); } @@ -194,8 +163,6 @@ extern "C" void PayloadsUninitialize( ReleaseStr(pPayload->sczKey); ReleaseStr(pPayload->sczFilePath); ReleaseMem(pPayload->pbHash); - ReleaseMem(pPayload->pbCertificateRootThumbprint); - ReleaseMem(pPayload->pbCertificateRootPublicKeyIdentifier); ReleaseStr(pPayload->sczSourcePath); ReleaseStr(pPayload->sczLocalFilePath); ReleaseStr(pPayload->downloadSource.sczUrl); 
diff --git a/src/engine/payload.h b/src/engine/payload.h index 0c7b68e4..e8639d64 100644 --- a/src/engine/payload.h +++ b/src/engine/payload.h @@ -35,11 +35,6 @@ typedef struct _BURN_PAYLOAD DWORD64 qwFileSize; LPWSTR sczFilePath; // file path relative to the execute location - BURN_CATALOG *pCatalog; // used to verify this payload - BYTE* pbCertificateRootPublicKeyIdentifier; - DWORD cbCertificateRootPublicKeyIdentifier; - BYTE* pbCertificateRootThumbprint; - DWORD cbCertificateRootThumbprint; BYTE* pbHash; DWORD cbHash; @@ -64,7 +59,6 @@ typedef struct _BURN_PAYLOADS HRESULT PayloadsParseFromXml( __in BURN_PAYLOADS* pPayloads, __in_opt BURN_CONTAINERS* pContainers, - __in_opt BURN_CATALOGS* pCatalogs, __in IXMLDOMNode* pixnBundle ); void PayloadsUninitialize( diff --git a/src/engine/precomp.h b/src/engine/precomp.h index c0019476..53fa949a 100644 --- a/src/engine/precomp.h +++ b/src/engine/precomp.h @@ -68,7 +68,6 @@ #include "section.h" #include "approvedexe.h" #include "container.h" -#include "catalog.h" #include "payload.h" #include "cabextract.h" #include "burnextension.h" diff --git a/src/engine/userexperience.cpp b/src/engine/userexperience.cpp index ce1662b8..8e782e71 100644 --- a/src/engine/userexperience.cpp +++ b/src/engine/userexperience.cpp @@ -55,7 +55,7 @@ extern "C" HRESULT UserExperienceParseFromXml( } // parse payloads - hr = PayloadsParseFromXml(&pUserExperience->payloads, NULL, NULL, pixnUserExperienceNode); + hr = PayloadsParseFromXml(&pUserExperience->payloads, NULL, pixnUserExperienceNode); ExitOnFailure(hr, "Failed to parse user experience payloads."); // make sure we have at least one payload diff --git a/src/stub/stub.vcxproj b/src/stub/stub.vcxproj index a8fbdfeb..da19f3c6 100644 --- a/src/stub/stub.vcxproj +++ b/src/stub/stub.vcxproj 
@@ -63,14 +63,14 @@ $(ProjectDir)..\engine\inc - cabinet.lib;crypt32.lib;msi.lib;rpcrt4.lib;shlwapi.lib;wininet.lib;wintrust.lib;wuguid.lib;engine.lib;engine.res + cabinet.lib;crypt32.lib;msi.lib;rpcrt4.lib;shlwapi.lib;wininet.lib;wuguid.lib;engine.lib;engine.res true true - cabinet.dll;crypt32.dll;msi.dll;shlwapi.dll;version.dll;wininet.dll;wintrust.dll + cabinet.dll;crypt32.dll;msi.dll;shlwapi.dll;version.dll;wininet.dll diff --git a/src/test/BurnUnitTest/BurnUnitTest.vcxproj b/src/test/BurnUnitTest/BurnUnitTest.vcxproj index 1f4a7111..6ac21f9c 100644 --- a/src/test/BurnUnitTest/BurnUnitTest.vcxproj +++ b/src/test/BurnUnitTest/BurnUnitTest.vcxproj @@ -36,7 +36,7 @@ ..\..\engine;..\..\WixToolset.BootstrapperCore.Native\inc - cabinet.lib;crypt32.lib;msi.lib;rpcrt4.lib;shlwapi.lib;wininet.lib;wintrust.lib + cabinet.lib;crypt32.lib;msi.lib;rpcrt4.lib;shlwapi.lib;wininet.lib diff --git a/src/test/BurnUnitTest/precomp.h b/src/test/BurnUnitTest/precomp.h index ddbdf9c6..a5db1555 100644 --- a/src/test/BurnUnitTest/precomp.h +++ b/src/test/BurnUnitTest/precomp.h @@ -43,7 +43,6 @@ #include "section.h" #include "approvedexe.h" #include "container.h" -#include "catalog.h" #include "payload.h" #include "cabextract.h" #include "burnextension.h" -- cgit v1.2.3-55-g6feb