adium/adium

Fix code signing to: 1) sign the bundle deeply 2) not depend on each signed bundle having bundle ID com.adiumX.adiumX
adium-1.5.10.3
2017-03-23, Evan D. Schoenberg, M.D.
495038a4da5d
Parents 0ef4aed3d7b7
Children fa26ff639b88
Fix code signing to: 1) sign the bundle deeply 2) not depend on each signed bundle having bundle ID com.adiumX.adiumX
1 files changed, 15 insertions(+), 2 deletions(-)
  • +15 -2
    Release/Makefile
    • --- a/Release/Makefile Thu Mar 23 15:13:30 2017 -0400
    +++ b/Release/Makefile Thu Mar 23 15:25:33 2017 -0400
    @@ -92,6 +92,9 @@
    PLIST_DIR=`pwd`/../Plists
    ADIUM_PLIST=$(PLIST_DIR)/Info
    +SIGNING_CERT_NAME="Developer ID Application: Instant Messaging Freedom, Inc."
    +SIGNING_REQUIREMENTS="=designated => anchor apple generic and ((cert leaf[field.1.2.840.113635.100.6.1.9] exists) or ( certificate 1[field.1.2.840.113635.100.6.2.6] exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and certificate leaf[subject.OU] = \"VQ6ZEL8UD3\" ))"
    +
    ###########
    # Targets
    ###########
    @@ -164,8 +167,18 @@
    if [ -e ~/adium-password ]; then \
    security unlock-keychain -p `cat ~/adium-password`; \
    fi
    - codesign --verbose --force --sign "Developer ID Application: Instant Messaging Freedom, Inc." --requirements "=designated => anchor apple generic and identifier \"com.adiumX.adiumX\" and ((cert leaf[field.1.2.840.113635.100.6.1.9] exists) or ( certificate 1[field.1.2.840.113635.100.6.2.6] exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and certificate leaf[subject.OU] = \"VQ6ZEL8UD3\" ))" $(ADIUM_DIR)/Adium.app/Contents/Resources/AdiumApplescriptRunner
    - codesign --verbose --force --sign "Developer ID Application: Instant Messaging Freedom, Inc." --requirements "=designated => anchor apple generic and identifier \"com.adiumX.adiumX\" and ((cert leaf[field.1.2.840.113635.100.6.1.9] exists) or ( certificate 1[field.1.2.840.113635.100.6.2.6] exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and certificate leaf[subject.OU] = \"VQ6ZEL8UD3\" ))" $(ADIUM_DIR)/Adium.app
    +
    + @# One approach would be to sign each framework and other bundle individually....
    + @# codesign --verbose --force --sign $(SIGNING_CERT_NAME) --deep --requirements $(SIGNING_REQUIREMENTS) $(ADIUM_DIR)/Adium.app/Contents/Frameworks/*.framework
    + @# codesign --verbose --force --sign $(SIGNING_CERT_NAME) --requirements $(SIGNING_REQUIREMENTS) $(ADIUM_DIR)/Adium.app/Contents/Library/Spotlight/*.mdimporter
    + @# codesign --verbose --force --sign $(SIGNING_CERT_NAME) --requirements $(SIGNING_REQUIREMENTS) $(ADIUM_DIR)/Adium.app/Contents/Resources/AdiumApplescriptRunner
    + @# codesign --verbose --force --sign $(SIGNING_CERT_NAME) --requirements $(SIGNING_REQUIREMENTS) $(ADIUM_DIR)/Adium.app
    +
    + @# However, it appears fine to use --deep and get it all recursively
    + codesign --verbose --force --deep --sign $(SIGNING_CERT_NAME) --requirements $(SIGNING_REQUIREMENTS) $(ADIUM_DIR)/Adium.app
    +
    + @# verify successful signing of the full bundle
    + codesign --verbose --verify --deep $(ADIUM_DIR)/Adium.app
    endif
    createfolder: