118929df93
to be installed with OpenSC core and to be used from the tools, tokend and CTK
190 lines
7.1 KiB
Bash
Executable File
190 lines
7.1 KiB
Bash
Executable File
#!/bin/bash
|
|
# Build the macOS installer for the tokend and command line tools.
|
|
#
|
|
# This is only tested and supported on macOS 10.10 or later, using Xcode 6.0.1.
|
|
# Building should also work on older macOS versions with slight changes; YMMV.
|
|
|
|
# You need to install the following packages from homebrew or macports or fink:
|
|
# autoconf automake libtool pkg-config help2man gengetopt
|
|
|
|
export MACOSX_DEPLOYMENT_TARGET="10.10"
|
|
|
|
set -ex
|
|
test -x ./configure || ./bootstrap
|
|
BUILDPATH=${PWD}
|
|
|
|
# Locate the latest OSX SDK
|
|
SDK_PATH=$(xcrun --sdk macosx --show-sdk-path)
|
|
|
|
# Set SDK path
|
|
export CFLAGS="$CFLAGS -isysroot $SDK_PATH -arch x86_64"
|
|
|
|
export SED=/usr/bin/sed
|
|
PREFIX=/Library/OpenSC
|
|
export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/lib/pkgconfig
|
|
|
|
if ! pkg-config libcrypto --atleast-version=1.0.1; then
|
|
# OpenSSL is not installed
|
|
if ! test -e $BUILDPATH/openssl_bin/$PREFIX/lib/pkgconfig; then
|
|
# Build OpenSSL manually, because Apple's binaries are deprecated
|
|
if ! test -e openssl; then
|
|
git clone --depth=1 https://github.com/openssl/openssl.git -b OpenSSL_1_0_2-stable
|
|
fi
|
|
cd openssl
|
|
KERNEL_BITS=64 ./config --prefix=$PREFIX
|
|
make clean
|
|
make update
|
|
make depend
|
|
make -j 4
|
|
make INSTALL_PREFIX=$BUILDPATH/openssl_bin install_sw
|
|
cd ..
|
|
fi
|
|
export OPENSSL_CFLAGS="`env PKG_CONFIG_PATH=$BUILDPATH/openssl_bin/$PREFIX/lib/pkgconfig PKG_CONFIG_SYSROOT_DIR=$BUILDPATH/openssl_bin pkg-config --static --cflags libcrypto`"
|
|
export OPENSSL_LIBS="` env PKG_CONFIG_PATH=$BUILDPATH/openssl_bin/$PREFIX/lib/pkgconfig PKG_CONFIG_SYSROOT_DIR=$BUILDPATH/openssl_bin pkg-config --static --libs libcrypto`"
|
|
fi
|
|
|
|
if ! test -e $BUILDPATH/openpace_bin/$PREFIX/lib/pkgconfig; then
|
|
if ! test -e openpace; then
|
|
git clone --depth=1 https://github.com/frankmorgner/openpace.git -b 1.1.0
|
|
fi
|
|
cd openpace
|
|
autoreconf -vis
|
|
./configure --disable-shared --prefix=$PREFIX CRYPTO_CFLAGS="$OPENSSL_CFLAGS" CRYPTO_LIBS="$OPENSSL_LIBS"
|
|
make DESTDIR=$BUILDPATH/openpace_bin install
|
|
cd ..
|
|
fi
|
|
export OPENPACE_CFLAGS="`env PKG_CONFIG_PATH=$BUILDPATH/openssl_bin/$PREFIX/lib/pkgconfig:$BUILDPATH/openpace_bin/$PREFIX/lib/pkgconfig PKG_CONFIG_SYSROOT_DIR=$BUILDPATH/openpace_bin pkg-config --static --cflags libeac` $OPENSSL_CFLAGS"
|
|
export OPENPACE_LIBS="` env PKG_CONFIG_PATH=$BUILDPATH/openssl_bin/$PREFIX/lib/pkgconfig:$BUILDPATH/openpace_bin/$PREFIX/lib/pkgconfig PKG_CONFIG_SYSROOT_DIR=$BUILDPATH/openpace_bin pkg-config --static --libs libeac` $OPENSSL_LIBS"
|
|
|
|
if ! test -e ${BUILDPATH}/target/$PREFIX/lib/pkgconfig; then
|
|
./configure --prefix=$PREFIX \
|
|
--sysconfdir=$PREFIX/etc \
|
|
--enable-cvcdir=$PREFIX/etc/cvc \
|
|
--enable-x509dir=$PREFIX/etc/x509 \
|
|
--enable-openssl-secure-malloc=65536 \
|
|
--disable-dependency-tracking \
|
|
--enable-shared \
|
|
--enable-static \
|
|
--enable-strict \
|
|
--disable-assert \
|
|
--enable-sm # TODO: remove this (must be sensible default in master)
|
|
|
|
# always make clean
|
|
make clean
|
|
|
|
# compile
|
|
make -j 4
|
|
|
|
# copy files
|
|
rm -rf ${BUILDPATH}/target
|
|
make install DESTDIR=${BUILDPATH}/target
|
|
|
|
# remove garbage
|
|
rm -f ${BUILDPATH}/target/$PREFIX/lib/*.la
|
|
rm -f ${BUILDPATH}/target/$PREFIX/lib/*.a
|
|
|
|
# generate .bundle (required by Adobe Acrobat)
|
|
./MacOSX/libtool-bundle ${BUILDPATH}/target/$PREFIX/lib/opensc-pkcs11.so ${BUILDPATH}/target/$PREFIX/lib
|
|
fi
|
|
|
|
|
|
if ! test -e NotificationProxy; then
|
|
git clone http://github.com/frankmorgner/NotificationProxy.git
|
|
fi
|
|
xcodebuild -target NotificationProxy -configuration Release -project NotificationProxy/NotificationProxy.xcodeproj install DSTROOT=$BUILDPATH/target/Library/OpenSC/
|
|
mkdir -p "$BUILDPATH/target/Applications"
|
|
osacompile -o "$BUILDPATH/target/Applications/OpenSC Notify.app" "MacOSX/OpenSC_Notify.applescript"
|
|
|
|
|
|
# Check out OpenSC.tokend, if not already fetched.
|
|
if ! test -e OpenSC.tokend; then
|
|
git clone http://github.com/OpenSC/OpenSC.tokend.git
|
|
fi
|
|
|
|
# Create the symlink to OpenSC sources
|
|
test -L OpenSC.tokend/build/opensc-src || ln -sf ${BUILDPATH}/src OpenSC.tokend/build/opensc-src
|
|
|
|
if (( xcodebuild -version | sed -En 's/Xcode[[:space:]]+([0-9]+)\.[0-9]*/\1/p' < 10 )); then
|
|
# Build and copy OpenSC.tokend
|
|
xcodebuild -target OpenSC -configuration Deployment -project OpenSC.tokend/Tokend.xcodeproj install DSTROOT=${BUILDPATH}/target_tokend
|
|
else
|
|
# https://github.com/OpenSC/OpenSC.tokend/issues/33
|
|
mkdir -p ${BUILDPATH}/target_tokend
|
|
fi
|
|
|
|
#if ! test -e $BUILDPATH/target/Library/Security/tokend/OpenSC.tokend/Contents/Resources/Applications/terminal-notifier.app; then
|
|
#if ! test -e terminal-notifier-1.7.1.zip; then
|
|
#curl -L https://github.com/julienXX/terminal-notifier/releases/download/1.7.1/terminal-notifier-1.7.1.zip > terminal-notifier-1.7.1.zip
|
|
#fi
|
|
#if ! test -e terminal-notifier-1.7.1; then
|
|
#unzip terminal-notifier-1.7.1.zip
|
|
#fi
|
|
#mkdir -p $BUILDPATH/target/Library/Security/tokend/OpenSC.tokend/Contents/Resources/Applications
|
|
#cp -r terminal-notifier-1.7.1/terminal-notifier.app $BUILDPATH/target/Library/Security/tokend/OpenSC.tokend/Contents/Resources/Applications
|
|
#fi
|
|
|
|
imagedir=$(mktemp -d)
|
|
|
|
# Prepare target root
|
|
mkdir -p ${BUILDPATH}/target/usr/local/bin
|
|
cp MacOSX/opensc-uninstall ${BUILDPATH}/target/usr/local/bin
|
|
|
|
# Prepare startup root
|
|
mkdir -p ${BUILDPATH}/target_startup/Library/LaunchAgents
|
|
cp src/tools/pkcs11-register.plist ${BUILDPATH}/target_startup/Library/LaunchAgents
|
|
cp src/tools/opensc-notify.plist ${BUILDPATH}/target_startup/Library/LaunchAgents
|
|
|
|
# Build OpenSCToken if possible
|
|
if test -e OpenSCToken; then
|
|
cd OpenSCToken
|
|
# make sure OpenSCToken builds with the same dependencies as before
|
|
if ! test -e OpenSC; then
|
|
git clone --depth=1 ../../OpenSC
|
|
else
|
|
cd OpenSC && git pull && cd ..
|
|
fi
|
|
if ! test -e openssl; then
|
|
git clone --depth=1 ../openssl
|
|
else
|
|
cd openssl && git pull && cd ..
|
|
fi
|
|
if ! test -e openpace; then
|
|
git clone --depth=1 ../openpace
|
|
else
|
|
cd openpace && git pull && cd ..
|
|
fi
|
|
BP=${BUILDPATH}
|
|
. ./bootstrap
|
|
BUILDPATH=${BP}
|
|
xcodebuild -target OpenSCTokenApp -configuration Debug -project OpenSCTokenApp.xcodeproj install DSTROOT=${BUILDPATH}/target_token
|
|
cd ..
|
|
else
|
|
# if no OpenSCToken is checked out, then we create a dummy package
|
|
mkdir -p ${BUILDPATH}/target_token
|
|
fi
|
|
|
|
# Build package
|
|
pkgbuild --root ${BUILDPATH}/target --scripts MacOSX/scripts --identifier org.opensc-project.mac --version @PACKAGE_VERSION@ --install-location / OpenSC.pkg
|
|
pkgbuild --root ${BUILDPATH}/target_tokend --identifier org.opensc-project.tokend --version @PACKAGE_VERSION@ --install-location / OpenSC-tokend.pkg
|
|
pkgbuild --root ${BUILDPATH}/target_token --identifier org.opensc-project.mac.opensctoken --version @PACKAGE_VERSION@ --install-location / OpenSCToken.pkg
|
|
pkgbuild --root ${BUILDPATH}/target_startup --identifier org.opensc-project.startup --version @PACKAGE_VERSION@ --install-location / OpenSC-startup.pkg
|
|
|
|
# Build product
|
|
productbuild --distribution MacOSX/Distribution.xml --package-path . --resources MacOSX/resources "${imagedir}/OpenSC @PACKAGE_VERSION@.pkg"
|
|
|
|
# Build "Uninstaller"
|
|
osacompile -o "${imagedir}/OpenSC Uninstaller.app" "MacOSX/OpenSC_Uninstaller.applescript"
|
|
|
|
# Create .dmg
|
|
rm -f OpenSC-@PACKAGE_VERSION@.dmg
|
|
i=0
|
|
while ! hdiutil create -srcfolder "${imagedir}" -volname "@PACKAGE_NAME@" -fs JHFS+ OpenSC-@PACKAGE_VERSION@.dmg
|
|
do
|
|
i=$[$i+1]
|
|
if [ $i -gt 2 ]
|
|
then
|
|
exit 1
|
|
fi
|
|
done
|
|
rm -rf ${imagedir}
|