OLD | NEW |
1 #!/bin/bash -p | 1 #!/bin/bash -p |
2 | 2 |
3 # Copyright (c) 2012 The Chromium Authors. All rights reserved. | 3 # Copyright (c) 2012 The Chromium Authors. All rights reserved. |
4 # Use of this source code is governed by a BSD-style license that can be | 4 # Use of this source code is governed by a BSD-style license that can be |
5 # found in the LICENSE file. | 5 # found in the LICENSE file. |
6 | 6 |
7 # Using codesign, sign the application. After signing, the signatures on the | 7 # Using codesign, sign the application. After signing, the signatures on the |
8 # inner bundle components are verified, and the application's own signature is | 8 # inner bundle components are verified, and the application's own signature is |
9 # verified. Inner bundle components are expected to be signed before this | 9 # verified. Inner bundle components are expected to be signed before this |
10 # script is called. See sign_versioned_dir.sh. | 10 # script is called. See sign_versioned_dir.sh. |
(...skipping 30 matching lines...) Expand all Loading... |
41 | 41 |
42 browser_app="${app_path}" | 42 browser_app="${app_path}" |
43 framework="${versioned_dir}/@MAC_PRODUCT_NAME@ Framework.framework" | 43 framework="${versioned_dir}/@MAC_PRODUCT_NAME@ Framework.framework" |
44 notification_service="${framework}/XPCServices/AlertNotificationService.xpc" | 44 notification_service="${framework}/XPCServices/AlertNotificationService.xpc" |
45 crashpad_handler="${framework}/Helpers/crashpad_handler" | 45 crashpad_handler="${framework}/Helpers/crashpad_handler" |
46 helper_app="${versioned_dir}/@MAC_PRODUCT_NAME@ Helper.app" | 46 helper_app="${versioned_dir}/@MAC_PRODUCT_NAME@ Helper.app" |
47 | 47 |
48 requirement_string="\ | 48 requirement_string="\ |
49 designated => \ | 49 designated => \ |
50 (identifier \"com.google.Chrome\" or identifier \"com.google.Chrome.canary\") \ | 50 (identifier \"com.google.Chrome\" or identifier \"com.google.Chrome.canary\") \ |
51 and certificate leaf = H\"85cee8254216185620ddc8851c7a9fc4dfe120ef\"\ | 51 and (certificate leaf = H\"85cee8254216185620ddc8851c7a9fc4dfe120ef\" or \ |
| 52 certificate leaf = H\"34f0bdf7f87d4f3a955862c351472e52250e4c2b\") \ |
52 " | 53 " |
53 | 54 |
54 enforcement_flags="restrict" | 55 enforcement_flags="restrict" |
55 | 56 |
56 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ | 57 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ |
57 "${browser_app}" --resource-rules "${browser_app_rules}" \ | 58 "${browser_app}" --resource-rules "${browser_app_rules}" \ |
58 -r="${requirement_string}" --options "${enforcement_flags}" | 59 -r="${requirement_string}" --options "${enforcement_flags}" |
59 | 60 |
60 # Show the signature. | 61 # Show the signature. |
61 codesign --display -r- -vvvvvv "${browser_app}" | 62 codesign --display -r- -vvvvvv "${browser_app}" |
(...skipping 17 matching lines...) Expand all Loading... |
79 | 80 |
80 cleanup() { | 81 cleanup() { |
81 set +e | 82 set +e |
82 rm -rf "${temp_dir}" | 83 rm -rf "${temp_dir}" |
83 } | 84 } |
84 trap cleanup EXIT | 85 trap cleanup EXIT |
85 | 86 |
86 temp_browser_app="${temp_dir}/$(basename "${browser_app}")" | 87 temp_browser_app="${temp_dir}/$(basename "${browser_app}")" |
87 rsync -a "${browser_app}/" "${temp_browser_app}" | 88 rsync -a "${browser_app}/" "${temp_browser_app}" |
88 spctl --assess -vv "${temp_browser_app}" | 89 spctl --assess -vv "${temp_browser_app}" |
OLD | NEW |