diff options
| author | Gerald Combs <gerald@wireshark.org> | 2013-11-11 19:22:06 +0000 |
|---|---|---|
| committer | Gerald Combs <gerald@wireshark.org> | 2013-11-11 19:22:06 +0000 |
| commit | 68682d932759759014f2199407514f26063af53d (patch) | |
| tree | 1bff12452d94bc8744263b92d52c61e3250843ce /packaging | |
| parent | 44c8e5a022e64004a529bc490f02fcf20660e609 (diff) | |
| download | wireshark-68682d932759759014f2199407514f26063af53d.tar.gz wireshark-68682d932759759014f2199407514f26063af53d.tar.bz2 wireshark-68682d932759759014f2199407514f26063af53d.zip | |
Start backporting code and package signing from the trunk.
svn path=/trunk-1.10/; revision=53251
Diffstat (limited to 'packaging')
| -rwxr-xr-x | packaging/macosx/osx-app.sh | 29 | ||||
| -rwxr-xr-x | packaging/macosx/osx-dmg.sh.in | 17 |
2 files changed, 46 insertions, 0 deletions
diff --git a/packaging/macosx/osx-app.sh b/packaging/macosx/osx-app.sh index e3bcd69a37..9ea3581bc9 100755 --- a/packaging/macosx/osx-app.sh +++ b/packaging/macosx/osx-app.sh @@ -56,6 +56,7 @@ binary_list=" tshark wireshark " +cs_binary_list= # Location for libraries (macosx-setup.sh defaults to whatever the # various support libraries use as their standard installation location, @@ -230,6 +231,7 @@ echo -e "\nFilling app bundle and utility directory...\n" for binary in $binary_list ; do # Copy the binary to its destination dest_path="$pkgbin/$binary-bin" + cs_binary_list="$cs_binary_list $dest_path" cp -v "$binary_path/$binary" "$dest_path" # TODO Add a "$verbose" variable and command line switch, which sets wether these commands are verbose or not @@ -380,6 +382,33 @@ if [ "$strip" = "true" ]; then strip -ur "$binpath" fi +codesign_file () { + codesign --sign "Developer ID Application: $CODE_SIGN_IDENTITY" --verbose "$1" + codesign --verify --verbose "$1" || exit 1 + spctl --assess --type execute "$1" || exit 1 +} + +if [ -n "$CODE_SIGN_IDENTITY" ] ; then + security find-identity -v -s "$CODE_SIGN_IDENTITY" -p codesigning + + echo "Signing executables" + for binary in $cs_binary_list ; do + codesign_file "$binary" + done + echo "Signing libraries" + for library in $pkglib/*.dylib ; do + codesign_file "$library" + done + echo "Signing plugins" + for plugin in $pkgplugin/*.so ; do + codesign_file "$plugin" + done + echo "Signing $bundle" + codesign_file "$bundle" +else + echo "Code signing not performed (no identity)" +fi + # NOTE: This works for all the dylibs but causes GTK to crash at startup. # Instead we leave them with their original install_names and set # DYLD_LIBRARY_PATH within the app bundle before running Wireshark. diff --git a/packaging/macosx/osx-dmg.sh.in b/packaging/macosx/osx-dmg.sh.in index 8d2abbe181..ce47f8477d 100755 --- a/packaging/macosx/osx-dmg.sh.in +++ b/packaging/macosx/osx-dmg.sh.in @@ -144,9 +144,26 @@ pkg_file="$pkg_title.pkg" rm -rf "$pkg_file" packagemaker --doc "Wireshark_package.pmdoc" \ --title "$pkg_title" \ + --id "org.wireshark.pkg.Wireshark" \ --version "$version" \ + --target 10.5 \ --verbose || exit 1 +if [ -n "$CODE_SIGN_IDENTITY" ] ; then + pkg_file_unsigned="$pkg_title UNSIGNED.pkg" + + echo -e "Signing $pkg_file" + mv "$pkg_file" "$pkg_file_unsigned" || exit 1 + productsign --sign "Developer ID Installer: $CODE_SIGN_IDENTITY" "$pkg_file_unsigned" "$pkg_file" || exit 1 + spctl --assess --type install "$pkg_file" || exit 1 + pkgutil --check-signature "$pkg_file" || exit 1 + shasum "$pkg_file" + rm -rf "$pkg_dir_unsigned" "$pkg_file_unsigned" "$pkg_file_flattened" +else + echo "Code signing not performed (no identity)" +fi + + echo -e "\nCREATE WIRESHARK DISK IMAGE\n" img_name="$pkg_title.dmg" |