Well, first patch had a little mistake. I attached an update...
From 4e19b766ff26a73f4667d8f88ab6ad64c40c37d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Klitzing?= <aklitz...@gmail.com> Date: Fri, 26 Sep 2014 09:28:02 +0200 Subject: [PATCH] Add support for codesign on MacOS
--- Modules/CPackDMG.cmake | 24 +++++++ Source/CPack/cmCPackBundleGenerator.cxx | 18 ++++- Source/CPack/cmCPackBundleGenerator.h | 1 + Source/CPack/cmCPackDragNDropGenerator.cxx | 108 +++++++++++++++++++++++++++++ Source/CPack/cmCPackDragNDropGenerator.h | 1 + 5 files changed, 151 insertions(+), 1 deletion(-) diff --git a/Modules/CPackDMG.cmake b/Modules/CPackDMG.cmake index b7a6ba5..fb9fe39 100644 --- a/Modules/CPackDMG.cmake +++ b/Modules/CPackDMG.cmake @@ -36,6 +36,23 @@ # background image is set. The background image is applied after applying the # custom .DS_Store file. # +# +# +# .. variable:: CPACK_APPLE_CERT_APP +# The name of your Apple supplied code signing certificate for the application. +# The name usually takes the form "Developer ID Application: [Name]" or +# "3rd Party Mac Developer Application: [Name]". If this variable is not set +# the application will not be signed. +# +# .. variable:: CPACK_APPLE_ENTITLEMENTS +# The name of the plist file that contains your apple entitlements for sandboxing +# your application. This file is required for submission to the Mac App Store. +# +# .. variable:: CPACK_APPLE_CODESIGN_FILES +# A list of additional files that you wish to be signed. You do not need to +# list the main application folder, or the main executable. You should +# list any frameworks and plugins that are included in your app bundle. +# # .. variable:: CPACK_COMMAND_HDIUTIL # # Path to the hdiutil(1) command used to operate on disk image files on Mac @@ -54,6 +71,13 @@ # Path to the Rez(1) command used to compile resources on Mac OS X. This # variable can be used to override the automatically detected command (or # specify its location if the auto-detection fails to find it.) +# +# .. variable:: CPACK_COMMAND_CODESIGN +# Path to the codesign(1) command used to sign applications with an +# Apple cert. This variable can be used to override the automatically +# detected command (or specify its location if the auto-detection fails +# to find it.) +# #============================================================================= # Copyright 2006-2012 Kitware, Inc. diff --git a/Source/CPack/cmCPackBundleGenerator.cxx b/Source/CPack/cmCPackBundleGenerator.cxx index 6c994f1..c5f7139 100644 --- a/Source/CPack/cmCPackBundleGenerator.cxx +++ b/Source/CPack/cmCPackBundleGenerator.cxx @@ -53,7 +53,7 @@ const char* cmCPackBundleGenerator::GetPackagingInstallPrefix() } //---------------------------------------------------------------------- -int cmCPackBundleGenerator::PackageFiles() +int cmCPackBundleGenerator::ConstructAppBundle() { // Get required arguments ... @@ -165,6 +165,22 @@ int cmCPackBundleGenerator::PackageFiles() cmSystemTools::SetPermissions(command_target.str().c_str(), 0777); } + return 1; +} + +//---------------------------------------------------------------------- +int cmCPackBundleGenerator::PackageFiles() +{ + if(!this->ConstructAppBundle()) + { + return 0; + } + + if(!this->SignPackage(toplevel)) + { + return 0; + } + return this->CreateDMG(toplevel, packageFileNames[0]); } diff --git a/Source/CPack/cmCPackBundleGenerator.h b/Source/CPack/cmCPackBundleGenerator.h index ed0187d..fa9f2fa 100644 --- a/Source/CPack/cmCPackBundleGenerator.h +++ b/Source/CPack/cmCPackBundleGenerator.h @@ -31,6 +31,7 @@ public: protected: virtual int InitializeInternal(); virtual const char* GetPackagingInstallPrefix(); + int ConstructAppBundle(); int PackageFiles(); bool SupportsComponentInstallation() const; diff --git a/Source/CPack/cmCPackDragNDropGenerator.cxx b/Source/CPack/cmCPackDragNDropGenerator.cxx index 9f0a77e..b797701 100644 --- a/Source/CPack/cmCPackDragNDropGenerator.cxx +++ b/Source/CPack/cmCPackDragNDropGenerator.cxx @@ -103,6 +103,17 @@ int cmCPackDragNDropGenerator::InitializeInternal() } this->SetOptionIfNotSet("CPACK_COMMAND_REZ", rez_path.c_str()); + const std::string codesign_path = cmSystemTools::FindProgram("codesign", + std::vector<std::string>(), false); + if(codesign_path.empty()) + { + cmCPackLogger(cmCPackLog::LOG_ERROR, + "Cannot locate codesign command" + << std::endl); + return 0; + } + this->SetOptionIfNotSet("CPACK_COMMAND_CODESIGN", codesign_path.c_str()); + return this->Superclass::InitializeInternal(); } @@ -216,6 +227,103 @@ bool cmCPackDragNDropGenerator::RunCommand(cmOStringStream& command, return true; } +int cmCPackDragNDropGenerator::SignPackage(const std::string& src_dir) +{ + // Get optional arguments ... + const std::string cpack_apple_cert_app = + this->GetOption("CPACK_APPLE_CERT_APP") + ? this->GetOption("CPACK_APPLE_CERT_APP") : ""; + + //A list of additional files to sign, ie. frameworks and plugins. + const std::string sign_files = + this->GetOption("CPACK_APPLE_CODESIGN_FILES") + ? this->GetOption("CPACK_APPLE_CODESIGN_FILES") : ""; + + cmOStringStream staging; + staging << src_dir; + + //Optionally codesign the application. + if(!cpack_apple_cert_app.empty()) + { + std::string bundle_path; + bundle_path = staging.str() + "/"; + bundle_path += this->GetOption("CPACK_BUNDLE_NAME"); + bundle_path += ".app"; + + std::vector<std::string> relFiles; + + cmSystemTools::ExpandListArgument(sign_files, relFiles); + + //sign the files supplied by the user, ie. frameworks. + for(std::vector<std::string>::iterator it = relFiles.begin(); + it != relFiles.end(); ++it) + { + cmOStringStream temp_sign_file_cmd; + temp_sign_file_cmd << this->GetOption("CPACK_COMMAND_CODESIGN"); + temp_sign_file_cmd << " --deep -f -s \"" << cpack_apple_cert_app; + temp_sign_file_cmd << "\" -i "; + temp_sign_file_cmd << this->GetOption("CPACK_APPLE_BUNDLE_ID"); + temp_sign_file_cmd << " \""; + temp_sign_file_cmd << bundle_path; + temp_sign_file_cmd << it->c_str() << "\""; + + if(!this->RunCommand(temp_sign_file_cmd)) + { + cmCPackLogger(cmCPackLog::LOG_ERROR, + "Error signing file:" + << bundle_path << it->c_str() << std::endl); + + return 0; + } + } + + //sign main binary + cmOStringStream temp_sign_binary_cmd; + temp_sign_binary_cmd << this->GetOption("CPACK_COMMAND_CODESIGN"); + temp_sign_binary_cmd << " --deep -f -s \"" << cpack_apple_cert_app; + temp_sign_binary_cmd << "\" \"" << bundle_path << "\""; + + if(!this->RunCommand(temp_sign_binary_cmd)) + { + cmCPackLogger(cmCPackLog::LOG_ERROR, + "Error signing the application binary." + << std::endl); + + return 0; + } + + //sign app bundle + cmOStringStream temp_codesign_cmd; + temp_codesign_cmd << this->GetOption("CPACK_COMMAND_CODESIGN"); + temp_codesign_cmd << " --deep -f -s \"" << cpack_apple_cert_app << "\""; + if(this->GetOption("CPACK_APPLE_ENTITLEMENTS")) + { + temp_codesign_cmd << " --entitlements "; + temp_codesign_cmd << this->GetOption("CPACK_APPLE_ENTITLEMENTS"); + } + temp_codesign_cmd << " \"" << bundle_path << "\""; + + if(!this->RunCommand(temp_codesign_cmd)) + { + cmCPackLogger(cmCPackLog::LOG_ERROR, + "Error signing the application package." + << std::endl); + + return 0; + } + + cmCPackLogger(cmCPackLog::LOG_OUTPUT, + "- Application has been codesigned" + << std::endl); + cmCPackLogger(cmCPackLog::LOG_VERBOSE, + (this->GetOption("CPACK_APPLE_ENTITLEMENTS") + ? "with entitlement sandboxing" : "without entitlement sandboxing") + << std::endl); + } + + return 1; +} + //---------------------------------------------------------------------- int cmCPackDragNDropGenerator::CreateDMG(const std::string& src_dir, const std::string& output_file) diff --git a/Source/CPack/cmCPackDragNDropGenerator.h b/Source/CPack/cmCPackDragNDropGenerator.h index 808c618..b852422 100644 --- a/Source/CPack/cmCPackDragNDropGenerator.h +++ b/Source/CPack/cmCPackDragNDropGenerator.h @@ -39,6 +39,7 @@ protected: std::string GetComponentInstallDirNameSuffix(const std::string& componentName); + int SignPackage(const std::string& src_dir); int CreateDMG(const std::string& src_dir, const std::string& output_file); std::string InstallPrefix; -- 2.1.1
-- Powered by www.kitware.com Please keep messages on-topic and check the CMake FAQ at: http://www.cmake.org/Wiki/CMake_FAQ Kitware offers various services to support the CMake community. For more information on each offering, please visit: CMake Support: http://cmake.org/cmake/help/support.html CMake Consulting: http://cmake.org/cmake/help/consulting.html CMake Training Courses: http://cmake.org/cmake/help/training.html Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html Follow this link to subscribe/unsubscribe: http://public.kitware.com/mailman/listinfo/cmake-developers