diff options
| author | Micah Lee <micah@micahflee.com> | 2019-04-21 19:13:48 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-04-21 19:13:48 -0700 |
| commit | f3f458da8527969a251599054060c8f638375d5a (patch) | |
| tree | 529b70877b3a9206e9fb15e44b9fefaf82897691 | |
| parent | cba7a47a852e0b6e4fe16fea38064ed1b8d6c4dc (diff) | |
| download | onionshare-f3f458da8527969a251599054060c8f638375d5a.tar.gz onionshare-f3f458da8527969a251599054060c8f638375d5a.zip | |
macOS package hardening (#967)v2.1.dev1
When making a macOS release, add a timestamp to signature
| -rwxr-xr-x | install/build_osx.sh | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/install/build_osx.sh b/install/build_osx.sh index 010e3edb..40e1fe90 100755 --- a/install/build_osx.sh +++ b/install/build_osx.sh @@ -27,11 +27,26 @@ if [ "$1" = "--release" ]; then ENTITLEMENTS_PARENT_PATH="$ROOT/install/macos_sandbox/parent.plist" echo "Codesigning the app bundle" - codesign --deep -s "$IDENTITY_NAME_APPLICATION" -f --entitlements "$ENTITLEMENTS_CHILD_PATH" "$APP_PATH" - codesign -s "$IDENTITY_NAME_APPLICATION" -f --entitlements "$ENTITLEMENTS_PARENT_PATH" "$APP_PATH" + codesign \ + --deep \ + -s "$IDENTITY_NAME_APPLICATION" \ + --force \ + --entitlements "$ENTITLEMENTS_CHILD_PATH" \ + --timestamp \ + "$APP_PATH" + codesign \ + -s "$IDENTITY_NAME_APPLICATION" \ + --force \ + --entitlements "$ENTITLEMENTS_PARENT_PATH" \ + --timestamp \ + "$APP_PATH" echo "Creating an installer" - productbuild --sign "$IDENTITY_NAME_INSTALLER" --component "$APP_PATH" /Applications "$PKG_PATH" + productbuild \ + --sign "$IDENTITY_NAME_INSTALLER" \ + --component "$APP_PATH" /Applications \ + --timestamp \ + "$PKG_PATH" echo "Cleaning up" rm -rf "$APP_PATH" |