Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Use precompiled code sign requirements to keep compatibility with 10.5+.

Note: code sign requirements must be compiled on 10.5 to be compatible with it.
  • Loading branch information...
commit da08c7d24fb325c971dd300db0d586feb1620e2a 1 parent da8a8e3
@dak180 dak180 authored
View
BIN  Resources/codesignrequirement.csreq
Binary file not shown
View
9 Resources/codesignrequirement.txt
@@ -0,0 +1,9 @@
+designated => (
+ certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */
+or
+ certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */
+ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */
+ and certificate leaf[subject.OU] = KUU2LM7U9K
+)
+and anchor apple generic
+and identifier "uk.co.opencommunity.vienna2"
View
2  Vienna.xcodeproj/project.pbxproj
@@ -949,6 +949,7 @@
430C4AE0166175C20079C9FC /* Vienna-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; name = "Vienna-Info.plist"; path = "Resources/Vienna-Info.plist"; sourceTree = SOURCE_ROOT; };
430C4B001661F3270079C9FC /* CS-ID.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = "CS-ID.xcconfig"; path = "configs/CS-ID.xcconfig"; sourceTree = SOURCE_ROOT; };
432E5192165D65AF00A8640E /* Project-All.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = "Project-All.xcconfig"; path = "configs/Project-All.xcconfig"; sourceTree = SOURCE_ROOT; };
+ 434D6B8516937615008CBE8C /* codesignrequirement.txt */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = codesignrequirement.txt; path = Resources/codesignrequirement.txt; sourceTree = SOURCE_ROOT; };
43501CF9165D73C70018EDB7 /* Vienna-All.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = "Vienna-All.xcconfig"; path = "configs/Vienna-All.xcconfig"; sourceTree = SOURCE_ROOT; };
43501CFA165D73C70018EDB7 /* Vienna-Dep.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = "Vienna-Dep.xcconfig"; path = "configs/Vienna-Dep.xcconfig"; sourceTree = SOURCE_ROOT; };
43501CFB165D73C70018EDB7 /* Vienna-Dev.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = "Vienna-Dev.xcconfig"; path = "configs/Vienna-Dev.xcconfig"; sourceTree = SOURCE_ROOT; };
@@ -2006,6 +2007,7 @@
43EE754D165E832C000997FB /* Default Lists */,
43EE754E165E83D6000997FB /* UI Images */,
43EE7551165EA910000997FB /* lproj */,
+ 434D6B8516937615008CBE8C /* codesignrequirement.txt */,
43B4611E1690982D00F6EC9A /* ResourceRules.plist */,
430C4AE0166175C20079C9FC /* Vienna-Info.plist */,
);
View
3  configs/scripts/Make-ID-Template.sh
@@ -5,6 +5,9 @@ if [ ! -f configs/CS-ID.xcconfig ]; then
// Global settings for Code Signing
CODE_SIGN_IDENTITY =
+PRIVATE_KEY_PATH =
+
+CODE_SIGN_REQUIREMENTS_PATH = "$(SRCROOT)/Resources/codesignrequirement.csreq"
CODE_SIGN_RESOURCE_RULES_PATH = "$(SRCROOT)/Resources/ResourceRules.plist"
EOF
View
11 configs/scripts/Release-for-upload.sh
@@ -30,23 +30,24 @@ DOWNLOAD_BASE_URL="${DOWNLOAD_BASE_URL}/${DOWNLOAD_SUB_DIR}/${DOWNLOAD_TAG_DIR}"
function signd {
if [ ! -z "${CODE_SIGN_IDENTITY}" ]; then
# Local Config
+ local appth="${1}"
local idetd="${CODE_SIGN_IDENTITY}"
local resrul="${CODE_SIGN_RESOURCE_RULES_PATH}"
- local appth="${1}"
+ local csreq="${CODE_SIGN_REQUIREMENTS_PATH}"
# Sign and verify the app
- if [ ! -z "${resrul}" ]; then
+ if [[ ! -z "${resrul}" ]] && [[ ! -z "${csreq}" ]]; then
cp -a "${resrul}" "${appth}/ResourceRules.plist"
- codesign -f -s "${idetd}" --resource-rules="${appth}/ResourceRules.plist" -vvv "${appth}"
+ codesign -f --sign "${idetd}" --resource-rules="${appth}/ResourceRules.plist" --requirements "${csreq}" -vvv "${appth}"
rm "${appth}/ResourceRules.plist"
else
- codesign -f -s "${idetd}" -vvv "${appth}"
+ codesign -f --sign "${idetd}" --requirements "${csreq}" -vvv "${appth}"
fi
if ! codesign -vvv --verify "${appth}"; then
echo "warning: Code is improperly signed!" 1>&2
fi
else
- echo "warning: No code signing identity configured; code will not be signed." 1>&2
+ echo "warning: No Code Signing Identity configured or no Code Signing Requirement configured; code will not be signed." 1>&2
fi
}
Please sign in to comment.
Something went wrong with that request. Please try again.