Work around Microsoft's new ISO download countermeasures

* The Microsoft servers now use session Id whitelisting, so add querying of https://vlscppe.microsoft.com/tags with the session Id. * Closes #52. * Also harmonize/improve -replace calls * Also make sure we use POST for the getskuinformationbyproductedition query (in case Microsoft add some more countermeasures). * Also drop 'cmd /c' invocation in sign.sh since the cygwin people can't seem to get their act together there...
2025-09-16 14:18:02 +02:00 · 2023-01-08 22:10:01 +00:00
parent 84f833b067
commit 8cf4a279ff
2 changed files with 103 additions and 99 deletions
--- a/sign.sh
+++ b/sign.sh
@@ -21,7 +21,7 @@ sign_file() {
 }

 # Update the Authenticode signature
-cmd.exe /c '"C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x64\signtool" sign /v /sha1 3dbc3a2a0e9ce8803b422cfdbc60acd33164965d /fd SHA256 /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp /td SHA256 Fido.ps1'
+MSYS2_ARG_CONV_EXCL='*' "C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x64\signtool" sign /v /sha1 3dbc3a2a0e9ce8803b422cfdbc60acd33164965d /fd SHA256 /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp /td SHA256 Fido.ps1
 read -s -p "Enter pass phrase for `realpath $PRIVATE_KEY`: " PASSWORD
 echo
 # Confirm that the pass phrase is valid by trying to sign a dummy file