# HG changeset patch # User bsmith@81767d24-ef19-dc11-ae90-00e081727c95 # Date 1678660440 0 # Node ID 48cfd7cb37a60ba497196fc7ab16a39b10376074 # Parent e400d349aca50244e346372f3cd46bc7c8b2ba6d Add MacOS signing support with environment variable: CODESIGNIDENTITY. Remove the old code to attempt to sign it manually. Instead just specify the signing identity in CODESIGNIDENTITY. Most apps sign it in the "installer" rule, but since we don't have a DMG installer rule for the library, we instead sign it in the finishup script. diff -r e400d349aca5 -r 48cfd7cb37a6 Makefile.in --- a/Makefile.in Fri Mar 03 21:27:45 2023 +0000 +++ b/Makefile.in Sun Mar 12 22:34:00 2023 +0000 @@ -197,7 +197,7 @@ dwtest: dwtest.o $(CC) -o dwtest dwtest.o $(MLFLAGS) -l$(TARGET) $(LFLAGS) -chmod +x $(srcdir)/mac/finishup.sh - -$(srcdir)/mac/finishup.sh $(srcdir) dwtest + -$(srcdir)/mac/finishup.sh "$(srcdir)" dwtest "$(CODESIGNIDENTITY)" dwtestoo.o: $(srcdir)/dwtestoo.cpp $(srcdir)/dw.h $(srcdir)/dw.hpp $(CXX) -c $(INCPATH) $(CXXFLAGS) $(CCFLAGS) -o $@ $(srcdir)/dwtestoo.cpp @@ -205,7 +205,7 @@ dwtestoo: dwtestoo.o $(CXX) -o dwtestoo dwtestoo.o $(MLFLAGS) -l$(TARGET) $(LFLAGS) -lstdc++ -chmod +x $(srcdir)/mac/finishup.sh - -$(srcdir)/mac/finishup.sh $(srcdir) dwtestoo + -$(srcdir)/mac/finishup.sh "$(srcdir)" dwtestoo "$(CODESIGNIDENTITY)" zip: zip dwindows$(VER_MAJ)$(VER_MIN).zip $(srcdir)/*.txt $(srcdir)/makefile.* \ diff -r e400d349aca5 -r 48cfd7cb37a6 mac/finishup.sh --- a/mac/finishup.sh Fri Mar 03 21:27:45 2023 +0000 +++ b/mac/finishup.sh Sun Mar 12 22:34:00 2023 +0000 @@ -1,32 +1,26 @@ #!/bin/sh PLATFORM=`uname -s` +SRCDIR=$1 +BINNAME=$2 +IDENTITY=$3 if [ $PLATFORM = "Darwin" ] then mkdir -p $2.app/Contents/MacOS mkdir -p $2.app/Contents/Resources - cat $1/mac/Info.template | sed s/APPNAME/$2/ > $2.app/Contents/Info.plist - cp -f $1/mac/PkgInfo $2.app/Contents - cp -f $1/mac/file.png $2.app/Contents/Resources - cp -f $1/mac/folder.png $2.app/Contents/Resources - cp -f $1/image/test.png $2.app/Contents/Resources - cp -f $2 $2.app/Contents/MacOS + cat $SRCDIR/mac/Info.template | sed s/APPNAME/$BINNAME/ > $BINNAME.app/Contents/Info.plist + cp -f $SRCDIR/mac/PkgInfo $BINNAME.app/Contents + cp -f $SRCDIR/mac/file.png $BINNAME.app/Contents/Resources + cp -f $SRCDIR/mac/folder.png $BINNAME.app/Contents/Resources + cp -f $SRCDIR/image/test.png $BINNAME.app/Contents/Resources + cp -f $BINNAME $BINNAME.app/Contents/MacOS # Check if there is a certificate to sign with... - if [ ! -f mac/key.crt ]; then - if [ -f mac/key.rsa ]; then - # If not we generate a self-signed one for testing purposes - echo "No certificate in mac/key.crt so generating self-signed certificate..." - openssl req -new -key mac/key.rsa -out mac/key.csr -config mac/openssl.cnf - openssl x509 -req -days 3650 -in mac/key.csr -signkey mac/key.rsa -out mac/key.crt -extfile mac/openssl.cnf -extensions codesign - certtool i mac/key.crt k="`pwd`/mac/key.keychain" r=mac/key.rsa c p=moof - else - echo "No key pair found, cannot generate certificate... signing AdHoc." - codesign -s "-" $2.app/Contents/MacOS/$2 - fi - fi - if [ -f mac/key.keychain ]; then - echo "Signing the apllication with certificate in mac/key.crt" - codesign -s my-signing-identity --keychain mac/key.keychain $2.app/Contents/MacOS/$2 + if [ -z "$IDENTITY" ]; then + echo "No identity set signing AdHoc." + codesign --deep -s "-" $BINNAME.app + else + echo "Signing code with identity: $IDENTITY" + codesign --deep -s "$IDENTITY" $BINNAME.app fi fi