Mercurial > dwindows
changeset 2966:48cfd7cb37a6
Add MacOS signing support with environment variable: CODESIGNIDENTITY.
Remove the old code to attempt to sign it manually.
Instead just specify the signing identity in CODESIGNIDENTITY.
Most apps sign it in the "installer" rule, but since we don't have a DMG
installer rule for the library, we instead sign it in the finishup script.
author | bsmith@81767d24-ef19-dc11-ae90-00e081727c95 |
---|---|
date | Sun, 12 Mar 2023 22:34:00 +0000 |
parents | e400d349aca5 |
children | fec8528fcbe8 |
files | Makefile.in mac/finishup.sh |
diffstat | 2 files changed, 17 insertions(+), 23 deletions(-) [+] |
line wrap: on
line diff
--- a/Makefile.in Fri Mar 03 21:27:45 2023 +0000 +++ b/Makefile.in Sun Mar 12 22:34:00 2023 +0000 @@ -197,7 +197,7 @@ dwtest: dwtest.o $(CC) -o dwtest dwtest.o $(MLFLAGS) -l$(TARGET) $(LFLAGS) -chmod +x $(srcdir)/mac/finishup.sh - -$(srcdir)/mac/finishup.sh $(srcdir) dwtest + -$(srcdir)/mac/finishup.sh "$(srcdir)" dwtest "$(CODESIGNIDENTITY)" dwtestoo.o: $(srcdir)/dwtestoo.cpp $(srcdir)/dw.h $(srcdir)/dw.hpp $(CXX) -c $(INCPATH) $(CXXFLAGS) $(CCFLAGS) -o $@ $(srcdir)/dwtestoo.cpp @@ -205,7 +205,7 @@ dwtestoo: dwtestoo.o $(CXX) -o dwtestoo dwtestoo.o $(MLFLAGS) -l$(TARGET) $(LFLAGS) -lstdc++ -chmod +x $(srcdir)/mac/finishup.sh - -$(srcdir)/mac/finishup.sh $(srcdir) dwtestoo + -$(srcdir)/mac/finishup.sh "$(srcdir)" dwtestoo "$(CODESIGNIDENTITY)" zip: zip dwindows$(VER_MAJ)$(VER_MIN).zip $(srcdir)/*.txt $(srcdir)/makefile.* \
--- a/mac/finishup.sh Fri Mar 03 21:27:45 2023 +0000 +++ b/mac/finishup.sh Sun Mar 12 22:34:00 2023 +0000 @@ -1,32 +1,26 @@ #!/bin/sh PLATFORM=`uname -s` +SRCDIR=$1 +BINNAME=$2 +IDENTITY=$3 if [ $PLATFORM = "Darwin" ] then mkdir -p $2.app/Contents/MacOS mkdir -p $2.app/Contents/Resources - cat $1/mac/Info.template | sed s/APPNAME/$2/ > $2.app/Contents/Info.plist - cp -f $1/mac/PkgInfo $2.app/Contents - cp -f $1/mac/file.png $2.app/Contents/Resources - cp -f $1/mac/folder.png $2.app/Contents/Resources - cp -f $1/image/test.png $2.app/Contents/Resources - cp -f $2 $2.app/Contents/MacOS + cat $SRCDIR/mac/Info.template | sed s/APPNAME/$BINNAME/ > $BINNAME.app/Contents/Info.plist + cp -f $SRCDIR/mac/PkgInfo $BINNAME.app/Contents + cp -f $SRCDIR/mac/file.png $BINNAME.app/Contents/Resources + cp -f $SRCDIR/mac/folder.png $BINNAME.app/Contents/Resources + cp -f $SRCDIR/image/test.png $BINNAME.app/Contents/Resources + cp -f $BINNAME $BINNAME.app/Contents/MacOS # Check if there is a certificate to sign with... - if [ ! -f mac/key.crt ]; then - if [ -f mac/key.rsa ]; then - # If not we generate a self-signed one for testing purposes - echo "No certificate in mac/key.crt so generating self-signed certificate..." - openssl req -new -key mac/key.rsa -out mac/key.csr -config mac/openssl.cnf - openssl x509 -req -days 3650 -in mac/key.csr -signkey mac/key.rsa -out mac/key.crt -extfile mac/openssl.cnf -extensions codesign - certtool i mac/key.crt k="`pwd`/mac/key.keychain" r=mac/key.rsa c p=moof - else - echo "No key pair found, cannot generate certificate... signing AdHoc." - codesign -s "-" $2.app/Contents/MacOS/$2 - fi - fi - if [ -f mac/key.keychain ]; then - echo "Signing the apllication with certificate in mac/key.crt" - codesign -s my-signing-identity --keychain mac/key.keychain $2.app/Contents/MacOS/$2 + if [ -z "$IDENTITY" ]; then + echo "No identity set signing AdHoc." + codesign --deep -s "-" $BINNAME.app + else + echo "Signing code with identity: $IDENTITY" + codesign --deep -s "$IDENTITY" $BINNAME.app fi fi