Deploy: Separate Windows 7 & 10 drivers.

.gitignore

@@ -1,3 +1,4 @@
+*.cab
 *.dll
 *.exe
 *.pdb

deploy/deployment.json

@@ -7,15 +7,19 @@
 			]
 		},
 		"${TARGET}/driver": {
-			"x86 | win7": [
-				"${BUILD}-driver-${CONFIG}/fortfw32.sys"
-			],
-			"x86_64": [
-				"${BUILD}-driver-${CONFIG}/fortfw64.sys"
-			],
 			"scripts": [
 				"${ROOT}/src/driver/scripts		| *.bat *.lnk		|"
 			]
+		},
+		"${TARGET}/driver/x86 | win7": {
+			"sys": [
+				"${BUILD}-driver-${CONFIG}/Win32/fortfw.sys"
+			]
+		},
+		"${TARGET}/driver/x86_64": {
+			"sys": [
+				"${BUILD}-driver-${CONFIG}/x64/fortfw.sys"
+			]
 		}
 	}
 }

deploy/driver-cab/fortfw.ddf

@@ -0,0 +1,24 @@
+; External defines:
+; .Set PLAT=x64
+; .Set CONFIG=win10
+
+.Set CabinetFileCountThreshold=0
+.Set FolderFileCountThreshold=0
+.Set FolderSizeThreshold=0
+.Set MaxCabinetSize=0
+.Set MaxDiskFileCount=0
+.Set MaxDiskSize=0
+.Set CompressionType=MSZIP
+.Set Cabinet=on
+.Set Compress=on
+
+.Set CabinetNameTemplate=fortfw-%CONFIG%-%PLAT%.cab
+.Set DiskDirectoryTemplate= ; Output .cab files into current directory
+
+.Define DRIVER_PATH=..\..\build-driver-%CONFIG%\%PLAT%
+.Define INF_PATH=..\..\src\driver\fortfw.inf
+
+.Set DestinationDir=fortfw
+%DRIVER_PATH%\fortfw.sys
+%DRIVER_PATH%\fortfw.pdb
+%INF_PATH%

deploy/driver-cab/make-cab-win10.bat

@@ -0,0 +1 @@
+@%~dp0make-cab.bat x64 win10

deploy/driver-cab/make-cab-win7-32.bat

@@ -0,0 +1 @@
+@%~dp0make-cab.bat Win32 win7

deploy/driver-cab/make-cab-win7-64.bat

@@ -0,0 +1 @@
+@%~dp0make-cab.bat x64 win7

deploy/driver-cab/make-cab.bat

@@ -0,0 +1,14 @@
+@cd %~dp0
+@echo off
+
+@set PLAT=%1
+@set CONFIG=%2
+
+@set DRV_PATH=%~dp0..\..\build-driver-%CONFIG%\%PLAT%\fortfw.sys
+
+@call ../sign/clear-certs.bat %DRV_PATH%
+
+@cd %~dp0
+makecab.exe /f fortfw.ddf /D PLAT=%PLAT% /D CONFIG=%CONFIG%
+
+@del /Q setup.*

deploy/setup-deployment.ps1

@@ -14,16 +14,30 @@ $targetDirs = @($json.files.psobject.Properties.name)
 
 for ($i = 0; $i -lt $targetDirs.length; $i++) {
 
-    $targetDir = $targetDirs[$i]
-    $jsonTargetDir = $json.files."$targetDir"
+    $targetName = $targetDirs[$i]
 
-    $sections = @($jsonTargetDir.psobject.Properties.name)
-
-    $targetDir = $targetDir -replace "/",  "\"
+    $targetDir = $targetName -replace "/",  "\"
     $targetDir = $targetDir -replace '\${TARGET}',  "$TargetPath"
+
+    if ($Config -And $targetDir.Contains('|')) {
+        $targetParts = $targetDir.Split('|')
+
+        $targetConf = $targetParts[1].Trim().Split(' ')
+
+        if ($targetConf -notcontains $Config) {
+            Write-Host -ForeGround Yellow "target: $targetDir (Skipped for $Config)"
+            continue
+        }
+
+        $targetDir = $targetParts[0].Trim()
+    }
+
     echo "target: $targetDir"
 
     New-Item $targetDir -ItemType directory -Force | Out-Null
+
+    $jsonTargetName = $json.files."$targetName"
+    $sections = @($jsonTargetName.psobject.Properties.name)
     
     for ($j = 0; $j -lt $sections.length; $j++) {
         $sectionName = $sections[$j]
@@ -42,7 +56,7 @@ for ($i = 0; $i -lt $targetDirs.length; $i++) {
 
         echo "  $sectionName"
 
-        $files = @($jsonTargetDir."$sectionName")
+        $files = @($jsonTargetName."$sectionName")
 
         for ($k = 0; $k -lt $files.Length; $k++) {
             $file = $files[$k]

deploy/sign/clear-certs.bat

@@ -0,0 +1,6 @@
+@cd %~dp0
+@echo off
+
+@set BIN_PATH=%1
+
+signtool.exe remove /s %BIN_PATH%

deploy/sign/sign-app.bat

@@ -3,6 +3,6 @@
 
 @set APP_PATH=..\build\FortFirewall.exe
 
-@call sign-env.bat
+@call sign-env-certum.bat
 
 signtool.exe sign /ac "%CRT_PATH%" /n "%CRT_NAME%" /fd sha256 /tr http://time.certum.pl/ %APP_PATH%

deploy/sign/sign-cabs.bat

@@ -0,0 +1,8 @@
+@cd %~dp0
+@echo off
+
+@set CAB_PATH=..\driver-cab\fortfw*.cab
+
+@call sign-env-certum.bat
+
+signtool.exe sign /n "%CRT_NAME%" /fd sha256 /tr http://time.certum.pl/ %CAB_PATH%

deploy/sign/sign-driver.bat

@@ -1,12 +1,11 @@
 @cd %~dp0
 @echo off
 
-@rem ARCH: 64, 32
+@rem ARCH: x86, x86_64
 @set ARCH=%1
 
-@set DRV_PATH=..\build\driver\fortfw%ARCH%.sys
+@set DRV_PATH=..\build\driver\%ARCH%\fortfw.sys
 
-@call sign-env.bat
+@call sign-env-sectigo.bat
 
-signtool.exe sign /ac "%CRT_PATH%" /n "%CRT_NAME%" /fd sha1 /t http://time.certum.pl/ %DRV_PATH%
-signtool.exe sign /as /ac "%CRT_PATH%" /n "%CRT_NAME%" /fd sha256 /tr http://time.certum.pl/ %DRV_PATH%
+signtool.exe sign /ac "%CRT_PATH%" /n "%CRT_NAME%" /fd sha256 /tr http://time.certum.pl/ %DRV_PATH%

deploy/sign/sign-env-certum.bat

@@ -0,0 +1,5 @@
+@echo off
+
+@rem Certum
+@set CRT_PATH=cert\Certum Trusted Network CA.crt
+@set CRT_NAME=Open Source Developer, Nodir Temirkhodjaev

deploy/sign/sign-env-sectigo.bat

@@ -0,0 +1,5 @@
+@echo off
+
+@rem Sectigo
+@set CRT_PATH=cert\SectigoPublicCodeSigningRootR46_AAA.crt
+@set CRT_NAME=Renew-it-now

deploy/sign/sign-env.bat

@@ -1,9 +0,0 @@
-@echo off
-
-@rem Certum
-@rem @set CRT_PATH=cert\Certum Trusted Network CA.crt
-@rem @set CRT_NAME=Open Source Developer, Nodir Temirkhodjaev
-
-@rem Sectigo
-@set CRT_PATH=cert\SectigoPublicCodeSigningRootR46_AAA.crt
-@set CRT_NAME=Renew-it-now

deploy/sign/sign-out.bat

@@ -3,6 +3,6 @@
 
 @set OUT_PATH=..\out\*.exe
 
-@call sign-env.bat
+@call sign-env-certum.bat
 
 signtool.exe sign /ac "%CRT_PATH%" /n "%CRT_NAME%" /fd sha256 /tr http://time.certum.pl/ %OUT_PATH%

src/driver/fortdrv.vcxproj

@@ -33,12 +33,7 @@
     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
     <ConfigurationType>Driver</ConfigurationType>
     <DriverType>WDM</DriverType>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Platform)'=='Win32'" Label="Platform-Win32">
-    <TargetName>fortfw32</TargetName>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Platform)'=='x64'" Label="Platform-x64">
-    <TargetName>fortfw64</TargetName>
+    <TargetName>fortfw</TargetName>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)'=='Release'" Label="Configuration-Release">
     <UseDebugLibraries>false</UseDebugLibraries>

src/driver/fortfw.inf

@@ -0,0 +1,40 @@
+[Version]
+Signature = "$WINDOWS NT$"
+Provider = %ManufacturerName%
+Class = WFP
+ClassGuid = {D7130FB9-F721-4BF7-A74A-CD9DD0230D80}
+DriverVer = 01/01/2021
+CatalogFile = fortfw.cat
+
+[DestinationDirs]
+DefaultDestDir = 12 ; %WinDir%\System32\Drivers
+
+[SourceDisksNames]
+1 = %DiskName%
+
+[SourceDisksFiles]
+fortfw.sys = 1
+
+[DefaultInstall]
+OptionDesc = %ServiceDesc%
+CopyFiles = Fort.DriverFiles
+
+[DefaultInstall.Services]
+AddService = %ServiceName%,,Fort.Service
+
+[Fort.DriverFiles]
+fortfw.sys
+
+[Fort.Service]
+DisplayName = %ServiceName%
+Description = %ServiceDesc%
+ServiceType = 1 ; SERVICE_KERNEL_DRIVER
+StartType = 2 ; SERVICE_AUTO_START
+ErrorControl = 1 ; SERVICE_ERROR_NORMAL
+ServiceBinary = %12%\fortfw.sys
+
+[Strings]
+ManufacturerName = "Nodir Temirkhodjaev"
+DiskName = "Fort Firewall Installation Disk"
+ServiceName = "FortFirewallSvc"
+ServiceDesc = "Fort Firewall Service"

src/driver/msvcbuild.bat

@@ -12,7 +12,7 @@
 @set CONFIG=%2
 @if "%CONFIG%"=="" PLAT=win10
 
-@set OutDir=..\..\build-driver-%CONFIG%
+@set OutDir=..\..\build-driver-%CONFIG%\%PLAT%
 @set IntDir=%OutDir%-%PLAT%
 
 MSBuild fortdrv.vcxproj /p:OutDir=%OutDir%\;IntDir=%IntDir%\;Platform=%PLAT%;Config=%CONFIG%
@@ -22,4 +22,4 @@ MSBuild fortdrv.vcxproj /p:OutDir=%OutDir%\;IntDir=%IntDir%\;Platform=%PLAT%;Con
 @rd /S /Q "%IntDir%"
 
 @rd /S /Q "%OutDir%\fortdrv"
-@del /Q "%OutDir%\fortfw*.cer" "%OutDir%\fortfw*.pdb"
+@del /Q "%OutDir%\fortfw*.cer"

src/driver/scripts/install.bat

@@ -1,12 +1,12 @@
 @rem Install driver
 
-@set ARCH=32
-@if defined PROGRAMFILES(X86) @set ARCH=64
+@set ARCH=x86
+@if defined PROGRAMFILES(X86) @set ARCH=x86_64
 
 @set BASENAME=fortfw
-@set FILENAME=%BASENAME%%ARCH%.sys
-@set SRCPATH=%~dp0..\%FILENAME%
-@set DSTPATH=%SystemRoot%\System32\drivers\%BASENAME%.sys
+@set FILENAME=%BASENAME%.sys
+@set SRCPATH=%~dp0..\%ARCH%\%FILENAME%
+@set DSTPATH=%SystemRoot%\System32\drivers\%FILENAME%
 
 @set DRIVERSVC=%BASENAME%
 @set DISPNAME=Fort Firewall Driver