Initial MSI authoring for Previews (#521)

2021-12-06 12:33:24 -08:00 · 2021-12-06 12:33:24 -08:00 · d476258f99
parent 1d40f24cf8
commit d476258f99
6 changed files with 312 additions and 18 deletions
--- a/contrib/win32/install/client.wxs
+++ b/contrib/win32/install/client.wxs
@ -0,0 +1,29 @@
+<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
+    <Fragment>
+        <!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. -->
+        <ComponentGroup Id="Client" Directory="INSTALLFOLDER">
+            <ComponentGroupRef Id="Shared" />
+            <Component>
+                <File Name="ssh.exe" KeyPath="yes" />
+                <File Name="ssh.pdb" />
+            </Component>
+            <Component>
+                <File Name="sftp.exe" KeyPath="yes" />
+                <File Name="sftp.pdb" />
+            </Component>
+            <Component>
+                <File Name="ssh-add.exe" KeyPath="yes" />
+                <File Name="ssh-add.pdb" />
+            </Component>
+            <Component>
+                <File Name="ssh-keyscan.exe" KeyPath="yes" />
+                <File Name="ssh-keyscan.pdb" />
+            </Component>
+            <Component Id="ClientPATH" Guid="F07FFA0C-B5CF-45A3-9013-A7420DDFD654">
+                <!-- Use same property condition as PowerShell. We can use a shared component GUID here because there should be only one installed on a system. -->
+                <Condition>ADD_PATH=1</Condition>
+                <Environment Id="ClientPATH" Name="PATH" Value="[INSTALLFOLDER]" Action="set" Part="first" System="yes" />
+            </Component>
+        </ComponentGroup>
+    </Fragment>
+</Wix>
--- a/contrib/win32/install/openssh.wixproj
+++ b/contrib/win32/install/openssh.wixproj
@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+    <PropertyGroup>
+        <Configuration Condition="'$(Configuration)' == ''">Debug</Configuration>
+        <Platform Condition="'$(Platform)' == ''">x64</Platform>
+        <ProductVersion>1.1.0</ProductVersion>
+        <OutputName>openssh</OutputName>
+        <OutputType>package</OutputType>
+        <OutputPath>bin\$(Platform)\$(Configuration)\</OutputPath>
+        <IntermediateOutputPath>obj\$(Platform)\$(Configuration)\</IntermediateOutputPath>
+        <DefineConstants>
+            $(DefineConstants);
+            ProductVersion=$(ProductVersion);
+        </DefineConstants>
+        <DefineSolutionProperties>false</DefineSolutionProperties>
+        <WixTargetsPath Condition="'$(WixTargetsPath)' == ''">$(MSBuildExtensionsPath)\Microsoft\WiX\v3.x\Wix.targets</WixTargetsPath>
+    </PropertyGroup>
+
+    <PropertyGroup Condition="'$(Configuration)' == 'Debug'">
+        <DefineConstants>
+            $(DefineConstants);
+            Debug;
+        </DefineConstants>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <BindInputPaths Include="..\..\..\bin\$(Platform)\$(Configuration)" />
+    </ItemGroup>
+
+    <ItemGroup>
+        <Compile Include="product.wxs" />
+        <Compile Include="client.wxs" />
+        <Compile Include="server.wxs" />
+        <Compile Include="shared.wxs" />
+    </ItemGroup>
+
+    <ItemGroup>
+        <WixExtension Include="WixFirewallExtension" />
+        <WixExtension Include="WixUIExtension" />
+        <WixExtension Include="WixUtilExtension" />
+    </ItemGroup>
+
+    <Import Project="$(WixTargetsPath)" />
+</Project>
--- a/contrib/win32/install/product.wxs
+++ b/contrib/win32/install/product.wxs
@ -0,0 +1,39 @@
+<?xml version="1.0"?>
+
+<?ifndef ProductVersion?>
+<?error ProductVersion must be defined?>
+<?endif?>
+
+<!-- Currently support x86, x64 builds. Assumes only previews are built as MSIs. -->
+<?if $(var.Platform) = "x64"?>
+<?define ProgramFilesFolder = "ProgramFiles64Folder"?>
+<?define UpgradeCode = "9E9D0D93-E70D-4424-ADBD-AD3B226A226D"?>
+<?elseif $(var.Platform) = "x86"?>
+<?define ProgramFilesFolder = "ProgramFilesFolder"?>
+<?define UpgradeCode = "2A1799F1-5B26-4DDC-A0C7-03F75C4C08D2"?>
+<?else?>
+<?error Platform $(var.Platform) is not supported?>
+<?endif?>
+
+<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
+    <Product Id="*" Name="OpenSSH" Version="$(var.ProductVersion)" Language="1033" Manufacturer="Microsoft Corporation" UpgradeCode="$(var.UpgradeCode)">
+        <Package Compressed="yes" InstallerVersion="200" InstallScope="perMachine"/>
+        <MediaTemplate EmbedCab="yes" />
+
+        <MajorUpgrade Schedule="afterInstallInitialize" DowngradeErrorMessage="A newer version of !(bind.property.ProductName) is already installed." />
+        <Condition Message="OpenSSH is supported only on Windows 7 and newer."><![CDATA[VersionNT >= 601]]></Condition>
+
+        <Feature Id="Client" AllowAdvertise="no">
+            <ComponentGroupRef Id="Client" />
+        </Feature>
+        <Feature Id="Server" AllowAdvertise="no">
+            <ComponentGroupRef Id="Server" />
+        </Feature>
+
+        <Directory Id="TARGETDIR" Name="SourceDir">
+            <Directory Id="$(var.ProgramFilesFolder)" Name="Program Files">
+                <Directory Id="INSTALLFOLDER" Name="OpenSSH" />
+            </Directory>
+        </Directory>
+    </Product>
+</Wix>
--- a/contrib/win32/install/server.wxs
+++ b/contrib/win32/install/server.wxs
@ -0,0 +1,70 @@
+<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi" xmlns:firewall="http://schemas.microsoft.com/wix/FirewallExtension" xmlns:util="http://schemas.microsoft.com/wix/UtilExtension">
+    <Fragment>
+        <!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. -->
+        <ComponentGroup Id="Server" Directory="INSTALLFOLDER">
+            <ComponentGroupRef Id="Shared" />
+            <Component>
+                <File Name="sftp-server.exe" KeyPath="yes" />
+                <File Name="sftp-server.pdb" />
+            </Component>
+            <Component>
+                <File Name="ssh-shellhost.exe" KeyPath="yes" />
+                <File Name="ssh-shellhost.pdb" />
+            </Component>
+            <Component>
+                <File Id="sshd.exe" Name="sshd.exe" KeyPath="yes" />
+                <File Name="sshd.pdb" />
+                <RegistryKey Root="HKLM" Key="SOFTWARE\OpenSSH" ForceCreateOnInstall="yes">
+                    <PermissionEx Sddl="O:BAG:SYD:P(A;OICI;KR;;;AU)(A;OICI;KA;;;SY)(A;OICI;KA;;;BA)" />
+                    <!-- ssh-agent-associated key should only be created if the Server feature is installed. -->
+                    <RegistryKey Key="agent" ForceCreateOnInstall="yes">
+                        <PermissionEx Sddl="O:BAG:SYD:P(A;OICI;KA;;;SY)(A;OICI;KA;;;BA)" />
+                    </RegistryKey>
+                </RegistryKey>
+                <ServiceInstall
+                    Name="sshd"
+                    DisplayName="OpenSSH SSH Server"
+                    Description="OpenSSH is a connectivity tool for remote login that uses the SSH protocol. It encrypts all traffic between client and server to eliminate eavesdropping, connection hijacking, and other attacks."
+                    Start="auto"
+                    Type="ownProcess"
+                    Interactive="no"
+                    ErrorControl="critical"
+                    Vital="yes">
+                    <util:ServiceConfig
+                        ResetPeriodInDays="1"
+                        FirstFailureActionType="restart"
+                        SecondFailureActionType="restart"
+                        ThirdFailureActionType="restart"
+                        />
+                </ServiceInstall>
+                <ServiceControl
+                    Id="ControlSshd"
+                    Name="sshd"
+                    Start="install"
+                    Stop="both"
+                    Remove="uninstall" />
+                <firewall:FirewallException
+                    Id="sshd_allow"
+                    Name="OpenSSH SSH Server Preview (sshd)"
+                    Description="Inbound rule for OpenSSH SSH Server (sshd)"
+                    Program="[#sshd.exe]"
+                    Protocol="tcp"
+                    Port="22"
+                    Scope="any"
+                    />
+            </Component>
+            <Component>
+                <File Name="sshd_config_default">
+                    <PermissionEx Sddl="O:BAG:SYD:PAI(A;;FA;;;SY)(A;;FA;;;BA)" />
+                </File>
+            </Component>
+        </ComponentGroup>
+
+        <!-- Automatically add custom actions if referencing the Server component group. -->
+        <SetProperty Id="SetPrivilegesOnSshd" Value="&quot;[SystemFolder]sc.exe&quot; privs sshd SeAssignPrimaryTokenPrivilege/SeTcbPrivilege/SeBackupPrivilege/SeRestorePrivilege/SeImpersonatePrivilege" Sequence="execute" Before="SetPrivilegesOnSshd" />
+        <CustomAction Id="SetPrivilegesOnSshd" BinaryKey="WixCA" DllEntry="WixQuietExec" Execute="deferred" Return="check" Impersonate="no" />
+        <InstallExecuteSequence>
+            <Custom Action="SetPrivilegesOnSshd" After="InstallServices"><![CDATA[&Server = 3]]></Custom>
+        </InstallExecuteSequence>
+    </Fragment>
+</Wix>
--- a/contrib/win32/install/shared.wxs
+++ b/contrib/win32/install/shared.wxs
@ -0,0 +1,66 @@
+<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi" xmlns:util="http://schemas.microsoft.com/wix/UtilExtension">
+    <Fragment>
+        <!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. -->
+        <ComponentGroup Id="Shared" Directory="INSTALLFOLDER">
+            <Component>
+                <File Name="libcrypto.dll" KeyPath="yes" />
+                <File Name="libcrypto.pdb" />
+            </Component>
+            <Component>
+                <File Name="moduli">
+                    <PermissionEx Sddl="D:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;WD)" />
+                </File>
+            </Component>
+            <Component>
+                <File Name="scp.exe" KeyPath="yes" />
+                <File Name="scp.pdb" />
+            </Component>
+            <Component>
+                <File Name="ssh-keygen.exe" KeyPath="yes" />
+                <File Name="ssh-keygen.pdb" />
+            </Component>
+
+            <!-- ssh-agent is useful in both client and server scenarios. -->
+            <Component>
+                <File Name="openssh-events.man">
+                    <util:EventManifest ResourceFile="[#ssh_agent.exe]" />
+                </File>
+            </Component>
+            <Component>
+                <!-- Define the File/@Id to reference in util:EventManifest/@ResourceFile above. -->
+                <File Id="ssh_agent.exe" Name="ssh-agent.exe" KeyPath="yes" />
+                <File Name="ssh-agent.pdb" />
+                <ServiceInstall
+                    Name="ssh-agent"
+                    DisplayName="OpenSSH Authentication Agent"
+                    Description="Agent to hold private keys used for public key authentication."
+                    Start="auto"
+                    Type="ownProcess"
+                    Interactive="no"
+                    ErrorControl="critical"
+                    Vital="yes">
+                    <util:ServiceConfig
+                        ResetPeriodInDays="1"
+                        FirstFailureActionType="restart"
+                        SecondFailureActionType="restart"
+                        ThirdFailureActionType="restart"
+                        />
+                    <PermissionEx Sddl="D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)(A;;RP;;;AU)" />
+                </ServiceInstall>
+                <ServiceControl
+                    Id="ControlSshAgent"
+                    Name="ssh-agent"
+                    Start="install"
+                    Stop="both"
+                    Remove="uninstall" />
+            </Component>
+        </ComponentGroup>
+
+        <!-- Automatically add custom actions if referencing the Shared component group. -->
+        <SetProperty Id="SetPrivilegesOnSshAgent" Value="&quot;[SystemFolder]sc.exe&quot; privs ssh-agent SeImpersonatePrivilege" Sequence="execute" Before="SetPrivilegesOnSshAgent" />
+        <CustomAction Id="SetPrivilegesOnSshAgent" BinaryKey="WixCA" DllEntry="WixQuietExec" Execute="deferred" Return="check" Impersonate="no" />
+        <InstallExecuteSequence>
+            <Custom Action="SetPrivilegesOnSshAgent" After="InstallServices"><![CDATA[&Server = 3]]></Custom>
+        </InstallExecuteSequence>
+    </Fragment>
+</Wix>
--- a/contrib/win32/openssh/OpenSSHBuildHelper.psm1
+++ b/contrib/win32/openssh/OpenSSHBuildHelper.psm1
@ -1,4 +1,4 @@
-Set-StrictMode -Version 2.0
+Set-StrictMode -Version 2.0
 If ($PSVersiontable.PSVersion.Major -le 2) {$PSScriptRoot = Split-Path -Parent $MyInvocation.MyCommand.Path}
 Import-Module $PSScriptRoot\OpenSSHCommonUtils.psm1 -Force

@ -196,8 +196,9 @@ function Start-OpenSSHBootstrap
        Write-BuildMsg -AsVerbose -Message "$gitCmdPath already present in Path environment variable" -Silent:$silent
    }

-    $VS2015Path = Get-VS2015BuildToolPath
+    $VS2019Path = Get-VS2019BuildToolPath
    $VS2017Path = Get-VS2017BuildToolPath
+    $VS2015Path = Get-VS2015BuildToolPath

    # Update machine environment path
    if ($newMachineEnvironmentPath -ne $machinePath)
@ -236,17 +237,24 @@ function Start-OpenSSHBootstrap
        }
    }

-    #use vs2017 build tool if exists
-    if($VS2017Path -ne $null)
-    {
+    $sdkPath = "${env:ProgramFiles(x86)}\Windows Kits\8.1\bin\x86\register_app.vbs"

+    if ($VS2019Path -or $VS2017Path)
+    {
+        # Use VS2019 or VS2017 build tools if installed.
+        if (-not (Test-Path $sdkPath))
+        {
+            $packageName = "windows-sdk-8.1"
+            Write-BuildMsg -AsInfo -Message "$packageName not present. Installing $packageName ..."
+            choco install $packageName -y --force --limitoutput --execution-timeout 10000 2>&1 >> $script:BuildLogFile
+        }

        if(-not (Test-Path $VcVars))
        {
            Write-BuildMsg -AsError -ErrorAction Stop -Message "VC++ 2015.3 v140 toolset are not installed."   
        }
    }
-    elseIf (($VS2015Path -eq $null) -or (-not (Test-Path $VcVars))) {
+    elseif (!$VS2015Path -or (-not (Test-Path $VcVars)) -or (-not (Test-Path $sdkPath))) {
        $packageName = "vcbuildtools"
        Write-BuildMsg -AsInfo -Message "$packageName not present. Installing $packageName ..."
        choco install $packageName -ia "/InstallSelectableItems VisualCppBuildTools_ATLMFC_SDK;VisualCppBuildTools_NETFX_SDK" -y --force --limitoutput --execution-timeout 120 2>&1 >> $script:BuildLogFile
@ -283,10 +291,9 @@ function Start-OpenSSHBootstrap
        Write-BuildMsg -AsVerbose -Message 'VC++ 2015 Build Tools already present.'
    }

-    if($NativeHostArch.ToLower().Startswith('arm') -and ($VS2017Path -eq $null))
+    if($NativeHostArch.ToLower().Startswith('arm') -and ($VS2019Path -or $VS2017Path))
    {
-        
-        #todo, install vs 2017 build tools
+        #TODO: Install VS2019 or VS2017 build tools
        Write-BuildMsg -AsError -ErrorAction Stop -Message "The required msbuild 15.0 is not installed on the machine."
    }

@ -302,9 +309,16 @@ function Start-OpenSSHBootstrap
    }

    # Ensure the VS C toolset is installed
-    if ($null -eq $env:VS140COMNTOOLS)
+    if (!$env:VS140COMNTOOLS)
    {
-        Write-BuildMsg -AsError -ErrorAction Stop -Message "Cannot find Visual Studio 2015 Environment variable VS140COMNTOOlS."
+        if (Test-Path $vcVars)
+        {
+            $env:VS140COMNTOOLS = Split-Path $vcVars
+        }
+        else
+        {
+            Write-BuildMsg -AsError -ErrorAction Stop -Message "Cannot find Visual Studio 2015 Environment variable VS140COMNTOOlS."
+        }
    }

    $item = Get-Item(Join-Path -Path $env:VS140COMNTOOLS -ChildPath '../../vc')
@ -594,13 +608,24 @@ function Start-OpenSSHBuild
    {
        $cmdMsg += "/noconlog"
    }
-    
-    $msbuildCmd = Get-VS2017BuildToolPath
-    if($msbuildCmd -eq $null)
+
+    if ($msbuildCmd = Get-VS2019BuildToolPath)
    {
-        $msbuildCmd = Get-VS2015BuildToolPath
+        Write-BuildMsg -AsInfo -Message "Using MSBuild path: $msbuildCmd"
    }
-    
+    elseif ($msbuildCmd = Get-VS2017BuildToolPath)
+    {
+        Write-BuildMsg -AsInfo -Message "Using MSBuild path: $msbuildCmd"
+    }
+    elseif ($msbuildCmd = Get-VS2015BuildToolPath)
+    {
+        Write-BuildMsg -AsInfo -Message "Using MSBuild path: $msbuildCmd"
+    }
+    else
+    {
+        Write-BuildMsg -AsError -ErrorAction Stop -Message "MSBuild not found"
+    }
+
    Write-BuildMsg -AsInfo -Message "Starting Open SSH build; Build Log: $($script:BuildLogFile)."
    Write-BuildMsg -AsInfo -Message "$msbuildCmd $cmdMsg"

@ -615,8 +640,27 @@ function Start-OpenSSHBuild
    Write-BuildMsg -AsInfo -Message "SSH build successful."
 }

+function Get-VS2019BuildToolPath
+{
+    # TODO: Should use vswhere: https://github.com/microsoft/vswhere/wiki/Find-MSBuild
+    $searchPath = "${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\*\MSBuild\Current\Bin"
+    if($env:PROCESSOR_ARCHITECTURE -ieq "AMD64")
+    {
+        $searchPath += "\amd64"
+    }
+    $toolAvailable = @()
+    $toolAvailable += Get-ChildItem -path $searchPath\* -Filter "MSBuild.exe" -ErrorAction SilentlyContinue
+    if($toolAvailable.count -eq 0)
+    {
+        return $null
+    }
+
+    return $toolAvailable[0].FullName
+}
+
 function Get-VS2017BuildToolPath
 {
+    # TODO: Should use vswhere: https://github.com/microsoft/vswhere/wiki/Find-MSBuild
    $searchPath = "${env:ProgramFiles(x86)}\Microsoft Visual Studio\2017\*\MSBuild\15.0\Bin"
    if($env:PROCESSOR_ARCHITECTURE -ieq "AMD64")
    {
@ -628,7 +672,8 @@ function Get-VS2017BuildToolPath
    {
        return $null
    }
-   return $toolAvailable[0].FullName
+
+    return $toolAvailable[0].FullName
 }

 function Get-VS2015BuildToolPath
@ -644,7 +689,8 @@ function Get-VS2015BuildToolPath
    {
        return $null
    }
-   return $toolAvailable[0].FullName
+
+    return $toolAvailable[0].FullName
 }

 function Get-Windows10SDKVersion