diff options
| author | Tor Lillqvist <tml@iki.fi> | 2013-04-09 12:35:06 +0300 |
|---|---|---|
| committer | Tor Lillqvist <tml@iki.fi> | 2013-04-09 13:17:37 +0300 |
| commit | db403988a7fd7d468f53d9296ff8d6c213ce435c (patch) | |
| tree | 62dcb526984a3d4acf2a2ed21b16a800fd230780 /solenv | |
| parent | c998ef820b993985e8b3d5d6e70c646037c570ac (diff) | |
Forward-port the app bundle signing from the 4.0 branch
For now, use the same quick hack as in the 4.0 branch: Just sign the
app bundle as a while, not individual dylibs. Should factor out the
code in Makefile.in that signs all dylibs. Make sure to sign the
application app bundle only, not the SDK.
Change-Id: I6b0a39354c54b0e0f5352d0fd0bdb57650dc100a
Diffstat (limited to 'solenv')
| -rwxr-xr-x | solenv/bin/modules/installer/simplepackage.pm | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/solenv/bin/modules/installer/simplepackage.pm b/solenv/bin/modules/installer/simplepackage.pm index ff18bc963f77..58cff7dbaf1a 100755 --- a/solenv/bin/modules/installer/simplepackage.pm +++ b/solenv/bin/modules/installer/simplepackage.pm @@ -410,6 +410,44 @@ sub create_package chdir $localfrom; } + else + { + if (($volume_name_classic_app eq 'LibreOffice' || $volume_name_classic_app eq 'LibreOfficeDev') && + defined($ENV{'MACOSX_CODESIGNING_IDENTITY'}) && $ENV{'MACOSX_CODESIGNING_IDENTITY'} ne "" ) + { + # Just sign the .app as a whole, which means signing + # the CFBundleExecutable from Info.plist, + # i.e. soffice, plus the contents of the Resources + # treee (which is not much, far from all of our + # non-code "resources"). + + # Don't bother here in the 4.0 branch to sign each + # individual .dylib, or each additional binary. See + # master for more work plus possibly eventually + # re-organising the app bundle structure to be more + # Mac-like (the "program" symlink, eek!) and actually + # putting all non-code resources (including extension + # scripts!) into Resources so that they participate + # in the signing and their validity can be guaranteed. + + $systemcall = "codesign --sign $ENV{'MACOSX_CODESIGNING_IDENTITY'} -v -v -v $tempdir/$packagename/$volume_name_classic_app.app"; + print "... $systemcall ...\n"; + my $returnvalue = system($systemcall); + $infoline = "Systemcall: $systemcall\n"; + push( @installer::globals::logfileinfo, $infoline); + + if ($returnvalue) + { + $infoline = "ERROR: Could not execute \"$systemcall\"!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + else + { + $infoline = "Success: Executed \"$systemcall\" successfully!\n"; + push( @installer::globals::logfileinfo, $infoline); + } + } + } $systemcall = "cd $localtempdir && hdiutil makehybrid -hfs -hfs-openfolder $folder $folder -hfs-volume-name \"$volume_name\" -ov -o $installdir/tmp && hdiutil convert -ov -format UDBZ $installdir/tmp.dmg -o $archive && "; if (( $ref ne "" ) && ( $$ref ne "" )) { |