| Index: chrome_mac/Google Chrome Packaging/keystone_install.sh
|
| ===================================================================
|
| --- chrome_mac/Google Chrome Packaging/keystone_install.sh (revision 273864)
|
| +++ chrome_mac/Google Chrome Packaging/keystone_install.sh (working copy)
|
| @@ -720,7 +720,6 @@
|
| readonly KS_BRAND_KEY="KSBrandID"
|
|
|
| readonly QUARANTINE_ATTR="com.apple.quarantine"
|
| - readonly KEYCHAIN_REAUTHORIZE_DIR=".keychain_reauthorize"
|
|
|
| # Don't use rsync -a, because -a expands to -rlptgoD. -g and -o copy owners
|
| # and groups, respectively, from the source, and that is undesirable in this
|
| @@ -1035,6 +1034,12 @@
|
| true)"
|
| note "old_brand = ${old_brand}"
|
|
|
| + local update_versioned_dir=
|
| + if [[ -z "${is_patch}" ]]; then
|
| + update_versioned_dir="${update_app}/${VERSIONS_DIR}/${update_version_app}"
|
| + note "update_versioned_dir = ${update_versioned_dir}"
|
| + fi
|
| +
|
| if has_32_bit_only_cpu; then
|
| # On a 32-bit-only system, make sure that the update contains 32-bit code.
|
| note "system is 32-bit-only"
|
| @@ -1043,8 +1048,8 @@
|
| if [[ -z "${is_patch}" ]]; then
|
| # For a full installer, the framework is available, so check it for
|
| # 32-bit code.
|
| - local old_framework_dir="${old_versioned_dir}/${FRAMEWORK_DIR}"
|
| - test_binary="${old_framework_dir}/${FRAMEWORK_NAME}"
|
| + local update_framework_dir="${update_versioned_dir}/${FRAMEWORK_DIR}"
|
| + test_binary="${update_framework_dir}/${FRAMEWORK_NAME}"
|
| else
|
| # No application code is guaranteed to be available at this point for a
|
| # patch updater, but goobspatch is built alongside and will have the
|
| @@ -1104,11 +1109,7 @@
|
| rm -f "${new_versioned_dir}" 2> /dev/null || true
|
| fi
|
|
|
| - local update_versioned_dir
|
| - if [[ -z "${is_patch}" ]]; then
|
| - update_versioned_dir="${update_app}/${VERSIONS_DIR}/${update_version_app}"
|
| - note "update_versioned_dir = ${update_versioned_dir}"
|
| - else # [[ -n "${is_patch}" ]]
|
| + if [[ -n "${is_patch}" ]]; then
|
| # dirpatcher won't patch into a directory that already exists. Doing so
|
| # would be a bad idea, anyway. If ${new_versioned_dir} already exists,
|
| # it may be something left over from a previous failed or incomplete
|
| @@ -1608,51 +1609,6 @@
|
| 2> /dev/null
|
| fi
|
|
|
| - # Do Keychain reauthorization. This involves running a stub executable on
|
| - # the dmg that loads the newly-updated framework and jumps to it to perform
|
| - # the reauthorization. The stub executable can be signed by the old
|
| - # certificate even after the rest of Chrome switches to the new certificate,
|
| - # so it still has access to the old Keychain items. The stub executable is
|
| - # an unbundled flat file executable whose name matches the real
|
| - # application's bundle identifier, so it's permitted access to the Keychain
|
| - # items. Doing a reauthorization step at update time reauthorizes Keychain
|
| - # items for users who never bother restarting Chrome, and provides a
|
| - # mechanism to continue doing reauthorizations even after the certificate
|
| - # changes. However, it only works for non-system ticket installations of
|
| - # Chrome, because the updater runs as root when on a system ticket, and root
|
| - # can't access individual user Keychains.
|
| - #
|
| - # Even if the reauthorization tool is launched, it doesn't necessarily try
|
| - # to do anything. It will only attempt to perform a reauthorization if one
|
| - # hasn't yet been done at update time.
|
| - note "maybe reauthorizing Keychain"
|
| -
|
| - if [[ -z "${system_ticket}" ]]; then
|
| - local new_bundleid_app
|
| - new_bundleid_app="$(infoplist_read "${installed_app_plist}" \
|
| - "${APP_BUNDLEID_KEY}" || true)"
|
| - note "new_bundleid_app = ${new_bundleid_app}"
|
| -
|
| - local keychain_reauthorize_dir="\
|
| -${update_dmg_mount_point}/${KEYCHAIN_REAUTHORIZE_DIR}"
|
| - local keychain_reauthorize_path="\
|
| -${keychain_reauthorize_dir}/${new_bundleid_app}"
|
| - note "keychain_reauthorize_path = ${keychain_reauthorize_path}"
|
| -
|
| - if [[ -x "${keychain_reauthorize_path}" ]]; then
|
| - local framework_dir="${new_versioned_dir}/${FRAMEWORK_DIR}"
|
| - local framework_code_path="${framework_dir}/${FRAMEWORK_NAME}"
|
| - note "framework_code_path = ${framework_code_path}"
|
| -
|
| - if [[ -f "${framework_code_path}" ]]; then
|
| - note "reauthorizing Keychain"
|
| - "${keychain_reauthorize_path}" "${framework_code_path}"
|
| - fi
|
| - fi
|
| - else
|
| - note "system ticket, not reauthorizing Keychain"
|
| - fi
|
| -
|
| # Great success!
|
| note "done!"
|
|
|
|
|
Chromium Code Reviews
Issue 310483004:
Roll reference builds to 35.0.1916.114. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/reference_builds/