|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
1 |
#!/bin/bash
|
2 |
# Copyright (C) 2012-2014 Felix Paul Kühne <fkuehne at videolan dot org>
|
|
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
3 |
#
|
4 |
# This program is free software; you can redistribute it and/or modify it
|
|
5 |
# under the terms of the GNU Lesser General Public License as published by
|
|
6 |
# the Free Software Foundation; either version 2.1 of the License, or
|
|
7 |
# (at your option) any later version.
|
|
8 |
#
|
|
9 |
# This program is distributed in the hope that it will be useful,
|
|
10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
12 |
# GNU Lesser General Public License for more details.
|
|
13 |
#
|
|
14 |
# You should have received a copy of the GNU Lesser General Public License
|
|
15 |
# along with this program; if not, write to the Free Software Foundation,
|
|
16 |
# Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
|
|
17 |
||
|
1.2.34
by Sebastian Ramacher
Imported Upstream version 2.2.0~pre4 |
18 |
set -e
|
19 |
||
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
20 |
info()
|
21 |
{
|
|
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
22 |
green='\x1B[1;32m' |
23 |
normal='\x1B[0m' |
|
24 |
echo -e "[${green}codesign${normal}] $1" |
|
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
25 |
}
|
26 |
||
27 |
usage()
|
|
28 |
{
|
|
29 |
cat << EOF
|
|
30 |
usage: $0 [options]
|
|
31 |
||
32 |
Sign VLC.app in the current directory
|
|
33 |
||
34 |
OPTIONS:
|
|
35 |
-h Show this help
|
|
36 |
-i Identity to use
|
|
37 |
-t Entitlements file to use
|
|
38 |
-g Enable additional magic
|
|
39 |
EOF
|
|
40 |
||
41 |
}
|
|
42 |
||
43 |
while getopts "hi:t:g" OPTION |
|
44 |
do
|
|
45 |
case $OPTION in |
|
46 |
h)
|
|
47 |
usage |
|
48 |
exit 1 |
|
49 |
;;
|
|
50 |
i)
|
|
51 |
IDENTITY=$OPTARG |
|
52 |
;;
|
|
53 |
t)
|
|
54 |
OPTIONS="--entitlements $OPTARG" |
|
55 |
;;
|
|
56 |
g)
|
|
57 |
GK="yes" |
|
58 |
;;
|
|
59 |
esac
|
|
60 |
done
|
|
61 |
shift $(($OPTIND - 1)) |
|
62 |
||
63 |
if [ "x$1" != "x" ]; then |
|
64 |
usage |
|
65 |
exit 1 |
|
66 |
fi
|
|
67 |
||
68 |
if test -z "$GK" |
|
69 |
then
|
|
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
70 |
|
71 |
info "Signing frameworks"
|
|
72 |
find VLC.app/Contents/Frameworks/* -type f -exec codesign --force -s "$IDENTITY" $OPTIONS '{}' \; |
|
73 |
||
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
74 |
info "Signing the executable"
|
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
75 |
codesign --force -s "$IDENTITY" $OPTIONS VLC.app/Contents/MacOS/VLC |
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
76 |
|
77 |
info "Signing the modules"
|
|
78 |
find VLC.app/Contents/MacOS/plugins/* -type f -exec codesign --force -s "$IDENTITY" $OPTIONS '{}' \; |
|
79 |
||
80 |
info "Signing the libraries"
|
|
81 |
find VLC.app/Contents/MacOS/lib/* -type f -exec codesign --force -s "$IDENTITY" $OPTIONS '{}' \; |
|
82 |
||
83 |
info "Signing the lua stuff"
|
|
84 |
find VLC.app/Contents/MacOS/share/lua/* -name *luac -type f -exec codesign --force -s "$IDENTITY" $OPTIONS '{}' \; |
|
85 |
else
|
|
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
86 |
FIRSTPARTOF_REQUIREMENT="=designated => anchor apple generic and identifier \"" |
87 |
SECONDPARTOF_REQUIREMENT="\" and ((cert leaf[field.1.2.840.113635.100.6.1.9] exists) or ( certificate 1[field.1.2.840.113635.100.6.2.6] exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and certificate leaf[subject.OU] = \"75GAHG3SZQ\" ))" |
|
88 |
||
89 |
info "Cleaning frameworks"
|
|
90 |
find VLC.app/Contents/Frameworks -type f -name ".DS_Store" -exec rm '{}' \; |
|
91 |
find VLC.app/Contents/Frameworks -type f -name "*.textile" -exec rm '{}' \; |
|
92 |
find VLC.app/Contents/Frameworks -type f -name "*.txt" -exec rm '{}' \; |
|
93 |
||
94 |
info "Signing frameworks"
|
|
|
1.2.34
by Sebastian Ramacher
Imported Upstream version 2.2.0~pre4 |
95 |
IDENTIFIER="com.binarymethod.BGHUDAppKit" |
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
96 |
codesign --force --verbose -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$IDENTIFIER$SECONDPARTOF_REQUIREMENT" --timestamp=none VLC.app/Contents/Frameworks/BGHUDAppKit.framework/Versions/A |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
97 |
IDENTIFIER="com.growl.growlframework" |
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
98 |
codesign --force --verbose -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$IDENTIFIER$SECONDPARTOF_REQUIREMENT" --timestamp=none VLC.app/Contents/Frameworks/Growl.framework/Versions/A |
|
1.2.34
by Sebastian Ramacher
Imported Upstream version 2.2.0~pre4 |
99 |
IDENTIFIER="org.andymatuschak.sparkle.Autoupdate" |
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
100 |
codesign --force --verbose -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$IDENTIFIER$SECONDPARTOF_REQUIREMENT" --timestamp=none VLC.app/Contents/Frameworks/Sparkle.framework/Resources/Autoupdate.app |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
101 |
IDENTIFIER="org.andymatuschak.Sparkle" |
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
102 |
codesign --force --verbose -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$IDENTIFIER$SECONDPARTOF_REQUIREMENT" --timestamp=none VLC.app/Contents/Frameworks/Sparkle.framework/Versions/A |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
103 |
|
104 |
info "Signing the framework headers"
|
|
105 |
for i in `find VLC.app/Contents/Frameworks/* -type f -name "*.h" -exec echo {} \;` |
|
106 |
do
|
|
107 |
fbname=$(basename "$i") |
|
108 |
filename="${fbname%.*}" |
|
109 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
110 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
111 |
done
|
112 |
||
113 |
info "Signing the framework strings"
|
|
114 |
for i in `find VLC.app/Contents/Frameworks/* -type f -name "*.strings" -exec echo {} \;` |
|
115 |
do
|
|
116 |
fbname=$(basename "$i") |
|
117 |
filename="${fbname%.*}" |
|
118 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
119 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
120 |
done
|
121 |
||
122 |
info "Signing the framework plist files"
|
|
123 |
for i in `find VLC.app/Contents/Frameworks/* -type f -name "*.plist" -exec echo {} \;` |
|
124 |
do
|
|
125 |
fbname=$(basename "$i") |
|
126 |
filename="${fbname%.*}" |
|
127 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
128 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
129 |
done
|
130 |
||
131 |
info "Signing the framework nib files"
|
|
132 |
for i in `find VLC.app/Contents/Frameworks/* -type f -name "*.nib" -exec echo {} \;` |
|
133 |
do
|
|
134 |
fbname=$(basename "$i") |
|
135 |
filename="${fbname%.*}" |
|
136 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
137 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
138 |
done
|
139 |
||
140 |
info "Signing the headers"
|
|
141 |
for i in `find VLC.app/Contents/MacOS/include/* -type f -exec echo {} \;` |
|
142 |
do
|
|
143 |
fbname=$(basename "$i") |
|
144 |
filename="${fbname%.*}" |
|
145 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
146 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
147 |
done
|
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
148 |
|
149 |
info "Signing the modules"
|
|
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
150 |
|
151 |
for i in `find VLC.app/Contents/MacOS/plugins/* -type f -exec echo {} \;` |
|
152 |
do
|
|
153 |
fbname=$(basename "$i") |
|
154 |
filename="${fbname%.*}" |
|
155 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
156 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
157 |
done
|
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
158 |
|
159 |
info "Signing the libraries"
|
|
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
160 |
|
161 |
for i in `find VLC.app/Contents/MacOS/lib/* -type f -exec echo {} \;` |
|
162 |
do
|
|
163 |
fbname=$(basename "$i") |
|
164 |
filename="${fbname%.*}" |
|
165 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
166 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
167 |
done
|
168 |
||
169 |
info "Signing share"
|
|
170 |
||
171 |
for i in `find VLC.app/Contents/MacOS/share/* -type f -exec echo {} \;` |
|
172 |
do
|
|
173 |
fbname=$(basename "$i") |
|
174 |
filename="${fbname%.*}" |
|
175 |
||
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
176 |
codesign --force -s "$IDENTITY" --preserve-metadata=identifier,entitlements --requirements "$FIRSTPARTOF_REQUIREMENT$filename$SECONDPARTOF_REQUIREMENT" --timestamp=none $i |
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
177 |
done
|
178 |
||
179 |
info "Signing the executable"
|
|
|
1.2.34
by Sebastian Ramacher
Imported Upstream version 2.2.0~pre4 |
180 |
IDENTIFIER="org.videolan.vlc" |
|
1.2.39
by Sebastian Ramacher
Imported Upstream version 2.2.2 |
181 |
codesign --force -s "$IDENTITY" --requirements "$FIRSTPARTOF_REQUIREMENT$IDENTIFIER$SECONDPARTOF_REQUIREMENT" --timestamp=none VLC.app/Contents/MacOS/VLC |
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
182 |
fi
|
183 |
||
184 |
info "all items signed, validating..."
|
|
185 |
||
|
1.2.33
by Benjamin Drung
Imported Upstream version 2.2.0~pre3 |
186 |
info "Validating frameworks"
|
|
1.2.34
by Sebastian Ramacher
Imported Upstream version 2.2.0~pre4 |
187 |
codesign --verify -vv VLC.app/Contents/Frameworks/BGHUDAppKit.framework |
188 |
codesign --verify -vv VLC.app/Contents/Frameworks/Growl.framework |
|
189 |
codesign --verify -vv VLC.app/Contents/Frameworks/Sparkle.framework |
|
190 |
||
191 |
info "Validating autoupdate app"
|
|
192 |
codesign --verify -vv VLC.app/Contents/Frameworks/Sparkle.framework/Versions/Current/Resources/Autoupdate.app |
|
193 |
||
194 |
info "Validating complete bundle"
|
|
195 |
codesign --verify --deep --verbose=4 VLC.app |
|
196 |
||
|
1.2.19
by Benjamin Drung
Imported Upstream version 2.0.3 |
197 |
|
198 |
info "Validation complete"
|