diff options
| -rw-r--r-- | cmake/scripts/darwin_embedded/ExtraTargets.cmake | 5 | ||||
| -rwxr-xr-x | tools/darwin/Support/Codesign-topshelf.command | 17 | ||||
| -rwxr-xr-x | tools/darwin/Support/Codesign.command | 54 |
3 files changed, 50 insertions, 26 deletions
diff --git a/cmake/scripts/darwin_embedded/ExtraTargets.cmake b/cmake/scripts/darwin_embedded/ExtraTargets.cmake index 1b984f36b8..01ab6328c5 100644 --- a/cmake/scripts/darwin_embedded/ExtraTargets.cmake +++ b/cmake/scripts/darwin_embedded/ExtraTargets.cmake @@ -23,5 +23,10 @@ if(CORE_PLATFORM_NAME_LC STREQUAL tvos) XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS ${ENTITLEMENTS_OUT_PATH}) target_link_libraries(${TOPSHELF_EXTENSION_NAME} "-framework TVServices" "-framework Foundation") + add_custom_command(TARGET ${TOPSHELF_EXTENSION_NAME} POST_BUILD + COMMAND "NATIVEPREFIX=${NATIVEPREFIX}" + ${CMAKE_SOURCE_DIR}/tools/darwin/Support/Codesign-topshelf.command + ) + add_dependencies(${APP_NAME_LC} ${TOPSHELF_EXTENSION_NAME}) endif() diff --git a/tools/darwin/Support/Codesign-topshelf.command b/tools/darwin/Support/Codesign-topshelf.command new file mode 100755 index 0000000000..8b9a3ffe83 --- /dev/null +++ b/tools/darwin/Support/Codesign-topshelf.command @@ -0,0 +1,17 @@ +#!/bin/bash + +set -x + +LDID="$NATIVEPREFIX/bin/ldid" + +# Delete existing codesign and provisioning file +rm -f "${CODESIGNING_FOLDER_PATH}/embedded.mobileprovision" +rm -rf "${CODESIGNING_FOLDER_PATH}/_CodeSignature" + +# If user has not set a code_sign_identity we do a fake sign +if [ -z "${CODE_SIGN_IDENTITY}" ]; then + # Do fake sign - needed for iOS >=5.1 and tvOS >=10.2 jailbroken devices + # See http://www.saurik.com/id/8 + echo "Doing a fake sign of Top Shelf binary using ldid for jailbroken devices" + "${LDID}" -S "${CODESIGNING_FOLDER_PATH}/${EXECUTABLE_NAME}" +fi diff --git a/tools/darwin/Support/Codesign.command b/tools/darwin/Support/Codesign.command index 0fafe17ba1..e75410d4ef 100755 --- a/tools/darwin/Support/Codesign.command +++ b/tools/darwin/Support/Codesign.command @@ -2,7 +2,7 @@ set -x -#this is the list of binaries we have to sign for being able to run un-jailbroken +# This is the list of binaries we have to sign for being able to run un-jailbroken LIST_BINARY_EXTENSIONS="dylib so app" DARWIN_EMBEDDED_ENTITLEMENTS="$XBMC_DEPENDS/share/darwin_embedded_entitlements.xml" @@ -18,15 +18,9 @@ else CONTENTS_PATH="${CODESIGNING_FOLDER_PATH}" fi -if [ ! "$MACOS" ]; then - # do fake sign - needed for iOS >=5.1 and tvOS >=10.2 jailbroken devices - # see http://www.saurik.com/id/8 - "${LDID}" -S"${DARWIN_EMBEDDED_ENTITLEMENTS}" "${BUILT_PRODUCTS_DIR}/${EXECUTABLE_FOLDER_PATH}/${EXECUTABLE_NAME}" -fi - -# pull the CFBundleIdentifier out of the built xxx.app +# Pull the CFBundleIdentifier out of the built xxx.app BUNDLEID=$(/usr/libexec/PlistBuddy -c 'Print :CFBundleIdentifier' "${CONTENTS_PATH}/Info.plist") -echo "CFBundleIdentifier is ${BUNDLEID}" +echo "CFBundleIdentifier is '${BUNDLEID}'" # Prefer the expanded name, if available. CODE_SIGN_IDENTITY_FOR_ITEMS="${EXPANDED_CODE_SIGN_IDENTITY_NAME}" @@ -34,27 +28,21 @@ if [ "${CODE_SIGN_IDENTITY_FOR_ITEMS}" = "" ] ; then # Fall back to old behavior. CODE_SIGN_IDENTITY_FOR_ITEMS="${CODE_SIGN_IDENTITY}" fi -echo "${CODE_SIGN_IDENTITY_FOR_ITEMS}" - -if [ ! "$MACOS" ]; then - if [ -f "${CONTENTS_PATH}/embedded.mobileprovision" ]; then - rm -f "${CONTENTS_PATH}/embedded.mobileprovision" - fi -fi +echo "Code sign identity is '${CODE_SIGN_IDENTITY_FOR_ITEMS}'" -# delete existing codesigning -if [ -d "${CONTENTS_PATH}/_CodeSignature" ]; then - rm -r "${CONTENTS_PATH}/_CodeSignature" -fi +# Delete existing codesign and provisioning file +rm -f "${CONTENTS_PATH}/embedded.mobileprovision" +rm -rf "${CONTENTS_PATH}/_CodeSignature" -#if user has set a code_sign_identity different from iPhone Developer we do a real codesign (for deployment on non-jailbroken devices) +# If user has set a code_sign_identity we do a real codesign (for deployment on non-jailbroken devices) if ! [ -z "${CODE_SIGN_IDENTITY_FOR_ITEMS}" ]; then if egrep -q --max-count=1 -e '^iPhone (Developer|Distribution): ' -e '^Apple (Development|Distribution): ' -e '^[[:xdigit:]]+$' -e '^Developer ID Application: ' <<<"${CODE_SIGN_IDENTITY_FOR_ITEMS}"; then - echo "Doing a full bundle sign using genuine identity ${CODE_SIGN_IDENTITY_FOR_ITEMS}" + echo "Doing a full bundle sign using genuine identity '${CODE_SIGN_IDENTITY_FOR_ITEMS}'" + for binext in $LIST_BINARY_EXTENSIONS do - echo "Signing binary: $binext" - # check if at least 1 file with the extension exists to sign, otherwise do nothing + echo "Signing binaries with '$binext' extension" + # Check if at least 1 file with the extension exists to sign, otherwise do nothing FINDOUTPUT=$(find "${CONTENTS_PATH}" -iname "*.$binext" -type f) if [ `echo $FINDOUTPUT | wc -l` != 0 ]; then for singlefile in $FINDOUTPUT; do @@ -73,7 +61,7 @@ if ! [ -z "${CODE_SIGN_IDENTITY_FOR_ITEMS}" ]; then done if [ "$MACOS" ]; then - #sign and repackage python eggs for osx + # Sign and repackage python eggs for osx EGGS=$(find "${CONTENTS_PATH}" -iname "*.egg" -type f) echo "Signing Eggs" for i in $EGGS; do @@ -82,7 +70,7 @@ if ! [ -z "${CODE_SIGN_IDENTITY_FOR_ITEMS}" ]; then unzip -q $i -d del for binext in $LIST_BINARY_EXTENSIONS do - # check if at least 1 file with the extension exists to sign, otherwise do nothing + # Check if at least 1 file with the extension exists to sign, otherwise do nothing FINDOUTPUT=$(find ./del/ -iname "*.$binext" -type f) if [ `echo $FINDOUTPUT | wc -l` != 0 ]; then for singlefile in $FINDOUTPUT; do @@ -96,4 +84,18 @@ if ! [ -z "${CODE_SIGN_IDENTITY_FOR_ITEMS}" ]; then done fi fi +elif [ ! "$MACOS" ]; then + # Do fake sign - needed for iOS >=5.1 and tvOS >=10.2 jailbroken devices + # See http://www.saurik.com/id/8 + echo "Doing a fake sign using ldid for jailbroken devices (main kodi binary and all Mach-O files)" + + # Main 'kodi' binary + "${LDID}" -S"${DARWIN_EMBEDDED_ENTITLEMENTS}" "${CONTENTS_PATH}/${EXECUTABLE_NAME}" + + # All Mach-O files (except TopShelf) + for f in $(find "${CONTENTS_PATH}/AppData" "${CONTENTS_PATH}/Frameworks" -type f); do + if [[ $(file ${f}) == *"Mach-O"* ]]; then + "${LDID}" -S "${f}" + fi + done fi |