Skip to content

Commit

Permalink
Added necessary entitlement and additional buildstep
Browse files Browse the repository at this point in the history 
Enabled the "Keychain Sharing" Entitlement that is required for
the Keychain APIs to work properly.

The additional buildstep signs the KissXML.framework nested inside
the KeePassKit.framework before this Framework itself is signed and
embedded. This is necessary because, to my knowledge, Xcode does not
support signing nested frameworks.
  • Loading branch information
Julius Zint committed Feb 14, 2021
1 parent a7b8be1 commit 4e56740
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
20 changes: 20 additions & 0 deletions MacPass.xcodeproj/project.pbxproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1904,6 +1904,7 @@
4C77E35F15B84A240093A587 /* Frameworks */,
4C77E36015B84A240093A587 /* Resources */,
4C44DB1B1C08999F00774EB3 /* Versioning */,
AF786C6F24D327A400240320 /* ShellScript */,
4CC5D36618A1332000AF7FA8 /* CopyFiles */,
);
buildRules = (
Expand Down Expand Up @@ -2120,6 +2121,23 @@
shellScript = "git=`sh /etc/profile; which git`\nbranch_name=`$git rev-parse --abbrev-ref HEAD`\ngit_count=`$git rev-list $branch_name |wc -l | sed 's/^ *//;s/ *$//'`\n\nbuild_number=\"${git_count}0\"\nif [ $CONFIGURATION != \"Release\" ]; then\n if [ $branch_name != \"master\" ] && [ $branch_name != release* ]; then\n build_number+=\"-$branch_name\"\n fi\nfi\nif [ \"$CI\" = \"true\" ]; then\nbuild_date=`date +\"%Y%m%d%H%m%S\"`\nbuild_number=\"$build_date-continuous\"\nfi\n\nplist=\"${TARGET_BUILD_DIR}/${INFOPLIST_PATH}\"\ndsym_plist=\"${DWARF_DSYM_FOLDER_PATH}/${DWARF_DSYM_FILE_NAME}/Contents/Info.plist\"\n\n/usr/libexec/PlistBuddy -c \"Set :CFBundleVersion $build_number\" \"$plist\"\nif [ -f \"$DSYM_INFO_PLIST\" ] ; then\n/usr/libexec/PlistBuddy -c \"Set :CFBundleVersion $build_number\" \"$dsym_plist\"\nfi\n";
showEnvVarsInLog = 0;
};
AF786C6F24D327A400240320 /* ShellScript */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
);
inputFileListPaths = (
);
inputPaths = (
);
outputFileListPaths = (
);
outputPaths = (
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "# Type a script or drag a script file from your workspace to insert its path.\nif [ \"$CODE_SIGNING_REQUIRED\" = \"NO\" ]\nthen\n exit 0\nfi\n/usr/bin/codesign --force --sign \"${EXPANDED_CODE_SIGN_IDENTITY}\" --timestamp=none --preserve-metadata=identifier,entitlements,flags ./Carthage/Build/Mac/KeePassKit.framework/Versions/A/Frameworks/KissXML.framework\nexit $?\n";
};
/* End PBXShellScriptBuildPhase section */

/* Begin PBXSourcesBuildPhase section */
Expand Down Expand Up @@ -3064,6 +3082,7 @@
CLANG_ENABLE_MODULES = YES;
CLANG_ENABLE_OBJC_ARC = YES;
CODE_SIGN_IDENTITY = "-";
CODE_SIGN_ENTITLEMENTS = MacPass/MacPass.entitlements;
COMBINE_HIDPI_IMAGES = YES;
CURRENT_PROJECT_VERSION = "${CURRENT_PROJECT_VERSION}";
FRAMEWORK_SEARCH_PATHS = (
Expand Down Expand Up @@ -3094,6 +3113,7 @@
CLANG_ENABLE_MODULES = YES;
CLANG_ENABLE_OBJC_ARC = YES;
CODE_SIGN_IDENTITY = "-";
CODE_SIGN_ENTITLEMENTS = MacPass/MacPass.entitlements;
COMBINE_HIDPI_IMAGES = YES;
CURRENT_PROJECT_VERSION = "${CURRENT_PROJECT_VERSION}";
FRAMEWORK_SEARCH_PATHS = (
Expand Down
2 changes: 2 additions & 0 deletions MacPass/MacPass.entitlements
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,7 @@
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
<key>keychain-access-groups</key>
<array/>
</dict>
</plist>

0 comments on commit 4e56740

Please sign in to comment.