Merge pull request #7524 from nextcloud/bugfix/more-escapes-mac-crafter

Also escape codesign call with saving entitlements
Claudio Cambra 2024-11-20 16:57:43 +08:00 committed by GitHub
commit 5f62cd8b7d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -14,6 +14,8 @@
import Foundation import Foundation
fileprivate let defaultCodesignOptions = "--timestamp --force --preserve-metadata=entitlements --verbose=4 --options runtime --deep"
enum CodeSigningError: Error { enum CodeSigningError: Error {
case failedToCodeSign(String) case failedToCodeSign(String)
} }
@ -30,11 +32,7 @@ func isAppExtension(_ path: String) -> Bool {
path.hasSuffix(".appex") path.hasSuffix(".appex")
} }
func codesign( func codesign(identity: String, path: String, options: String = defaultCodesignOptions) throws {
identity: String,
path: String,
options: String = "--timestamp --force --preserve-metadata=entitlements --verbose=4 --options runtime --deep"
) throws {
print("Code-signing \(path)...") print("Code-signing \(path)...")
let command = "codesign -s \"\(identity)\" \(options) \"\(path)\"" let command = "codesign -s \"\(identity)\" \(options) \"\(path)\""
guard shell(command) == 0 else { guard shell(command) == 0 else {
@ -42,7 +40,11 @@ func codesign(
} }
} }
func recursivelyCodesign(path: String, identity: String) throws { func recursivelyCodesign(
path: String,
identity: String,
options: String = defaultCodesignOptions
) throws {
let fm = FileManager.default let fm = FileManager.default
guard let pathEnumerator = fm.enumerator(atPath: path) else { guard let pathEnumerator = fm.enumerator(atPath: path) else {
throw AppBundleSigningError.couldNotEnumerate( throw AppBundleSigningError.couldNotEnumerate(
@ -57,7 +59,7 @@ func recursivelyCodesign(path: String, identity: String) throws {
} }
func saveCodesignEntitlements(target: String, path: String) throws { func saveCodesignEntitlements(target: String, path: String) throws {
let command = "codesign -d --entitlements \(path) --xml \(target)" let command = "codesign -d --entitlements \"\(path)\" --xml \"\(target)\""
guard shell(command) == 0 else { guard shell(command) == 0 else {
throw CodeSigningError.failedToCodeSign("Failed to save entitlements for \(target).") throw CodeSigningError.failedToCodeSign("Failed to save entitlements for \(target).")
} }
@ -92,8 +94,8 @@ func codesignClientAppBundle(
print("Code-signing Sparkle autoupdater app (without entitlements)...") print("Code-signing Sparkle autoupdater app (without entitlements)...")
let sparkleFrameworkPath = "\(frameworksPath)/Sparkle.framework" let sparkleFrameworkPath = "\(frameworksPath)/Sparkle.framework"
try codesign(identity: codeSignIdentity, try recursivelyCodesign(path: "\(sparkleFrameworkPath)/Resources/Autoupdate.app",
path: "\(sparkleFrameworkPath)/Resources/Autoupdate.app/Contents/MacOS/*", identity: codeSignIdentity,
options: "--timestamp --force --verbose=4 --options runtime --deep") options: "--timestamp --force --verbose=4 --options runtime --deep")
print("Re-codesigning Sparkle library...") print("Re-codesigning Sparkle library...")
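Review bot: Wrapping `path` and `target` in double quotes in `saveCodesignEntitlements` copes with spaces but is not full escaping, because inside double quotes the shell still interprets `$`, backticks, backslashes and an embedded `"`, so a path containing any of those can still break or alter the command. The same string-built pattern is used in `codesign` for `identity` and `path`. The `shell` helper is not visible on this page, but if it passes the string to a shell for parsing, the more robust fix is to run `codesign` through `Process` with an argument array, e.g. `process.arguments = ["-d", "--entitlements", path, "--xml", target]`, so that no shell parsing takes place. If the command string has to stay, single-quote each interpolated value and replace any embedded `'` with `'\''` before interpolating.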