giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

mac: use dedicated entitlements for binaries and scripts 

fixes the codesigning issue with the unknown blobs in the entitlements

(missing "/" to complete blob)
This commit is contained in:
Frank Morgner 2021-03-16 10:24:18 +01:00
parent f46b617397
commit 63e6683384
3 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
MacOSX/OpenSC_applescripts.entitlements Normal file
View File

@ -0,0 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<false/>
<key>com.apple.security.automation.apple-events</key>
<true/>
</dict>
</plist>

2
MacOSX/OpenSC_Uninstaller.entitlements → MacOSX/OpenSC_binaries.entitlements
View File

@ -5,8 +5,6 @@
<key>com.apple.security.app-sandbox</key>
<false/>
<key>com.apple.security.cs.disable-library-validation</key>
<true>
<key>com.apple.security.automation.apple-events</key>
<true/>
</dict>
</plist>

6
MacOSX/build-package.in
View File

@ -99,7 +99,7 @@ fi
mkdir -p "$BUILDPATH/target/Applications/Utilities"
osacompile -o "$BUILDPATH/target/Applications/Utilities/OpenSC Notify.app" "MacOSX/OpenSC_Notify.applescript"
if test -n "${CODE_SIGN_IDENTITY}"; then
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_Uninstaller.entitlements --deep --timestamp --options runtime "$BUILDPATH/target/Applications/Utilities/OpenSC Notify.app"
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_applescripts.entitlements --deep --timestamp --options runtime "$BUILDPATH/target/Applications/Utilities/OpenSC Notify.app"
fi
@ -185,7 +185,7 @@ if test -n "${CODE_SIGN_IDENTITY}"; then
do
# find executable files and run codesign on them
find ${d} -type f -perm +111 -print -exec \
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_Uninstaller.entitlements --deep --timestamp --options runtime {} \;
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_binaries.entitlements --deep --timestamp --options runtime {} \;
done
fi
@ -208,7 +208,7 @@ fi
# Build "Uninstaller"
osacompile -o "${imagedir}/OpenSC Uninstaller.app" "MacOSX/OpenSC_Uninstaller.applescript"
if test -n "${CODE_SIGN_IDENTITY}"; then
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_Uninstaller.entitlements --deep --timestamp --options runtime "${imagedir}/OpenSC Uninstaller.app"
codesign --force --sign "${CODE_SIGN_IDENTITY}" --entitlements MacOSX/OpenSC_applescripts.entitlements --deep --timestamp --options runtime "${imagedir}/OpenSC Uninstaller.app"
fi
# Create .dmg