Merge pull request #6116
d1a3866
build: Cope with spaces in filenames when creating/applying OSX sigs (Cory Fields)7cef321
[Mac only] rename Bitcoin-Qt.app to "Bitcoin Core.app" (Jonas Schnelli)
This commit is contained in:
commit
30dc3c1b38
@ -14,8 +14,8 @@ BITCOIN_QT_BIN=$(top_builddir)/src/qt/bitcoin-qt$(EXEEXT)
|
||||
BITCOIN_CLI_BIN=$(top_builddir)/src/bitcoin-cli$(EXEEXT)
|
||||
BITCOIN_WIN_INSTALLER=$(PACKAGE)-$(PACKAGE_VERSION)-win$(WINDOWS_BITS)-setup$(EXEEXT)
|
||||
|
||||
OSX_APP=Bitcoin-Qt.app
|
||||
OSX_DMG=Bitcoin-Qt.dmg
|
||||
OSX_APP=Bitcoin-Core.app
|
||||
OSX_DMG=Bitcoin-Core.dmg
|
||||
OSX_BACKGROUND_IMAGE=background.tiff
|
||||
OSX_DEPLOY_SCRIPT=$(top_srcdir)/contrib/macdeploy/macdeployqtplus
|
||||
OSX_FANCY_PLIST=$(top_srcdir)/contrib/macdeploy/fancy.plist
|
||||
@ -106,7 +106,7 @@ $(APP_DIST_DIR)/Applications:
|
||||
$(APP_DIST_EXTRAS): $(APP_DIST_DIR)/$(OSX_APP)/Contents/MacOS/Bitcoin-Qt
|
||||
|
||||
$(OSX_DMG): $(APP_DIST_EXTRAS)
|
||||
$(GENISOIMAGE) -no-cache-inodes -D -l -probe -V "Bitcoin-Qt" -no-pad -r -apple -o $@ dist
|
||||
$(GENISOIMAGE) -no-cache-inodes -D -l -probe -V "Bitcoin-Core" -no-pad -r -apple -o $@ dist
|
||||
|
||||
$(APP_DIST_DIR)/.background/$(OSX_BACKGROUND_IMAGE): contrib/macdeploy/$(OSX_BACKGROUND_IMAGE)
|
||||
$(MKDIR_P) $(@D)
|
||||
|
@ -33,5 +33,5 @@ script: |
|
||||
|
||||
tar -xf ${UNSIGNED}
|
||||
./detached-sig-apply.sh ${UNSIGNED} signature.tar.gz
|
||||
${WRAP_DIR}/genisoimage -no-cache-inodes -D -l -probe -V "Bitcoin-Qt" -no-pad -r -apple -o uncompressed.dmg signed-app
|
||||
${WRAP_DIR}/genisoimage -no-cache-inodes -D -l -probe -V "Bitcoin-Core" -no-pad -r -apple -o uncompressed.dmg signed-app
|
||||
${WRAP_DIR}/dmg dmg uncompressed.dmg ${OUTDIR}/${SIGNED}
|
||||
|
@ -120,7 +120,7 @@ script: |
|
||||
popd
|
||||
|
||||
make deploy
|
||||
${WRAP_DIR}/dmg dmg Bitcoin-Qt.dmg ${OUTDIR}/${DISTNAME}-osx-unsigned.dmg
|
||||
${WRAP_DIR}/dmg dmg Bitcoin-Core.dmg ${OUTDIR}/${DISTNAME}-osx-unsigned.dmg
|
||||
|
||||
cd installed
|
||||
find . -name "lib*.la" -delete
|
||||
|
Binary file not shown.
@ -11,5 +11,5 @@ This script should not be run manually, instead, after building as usual:
|
||||
During the process, the disk image window will pop up briefly where the fancy
|
||||
settings are applied. This is normal, please do not interfere.
|
||||
|
||||
When finished, it will produce `Bitcoin-Qt.dmg`.
|
||||
When finished, it will produce `Bitcoin-Core.dmg`.
|
||||
|
||||
|
@ -1,11 +1,10 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
UNSIGNED=$1
|
||||
SIGNATURE=$2
|
||||
UNSIGNED="$1"
|
||||
SIGNATURE="$2"
|
||||
ARCH=x86_64
|
||||
ROOTDIR=dist
|
||||
BUNDLE=${ROOTDIR}/Bitcoin-Qt.app
|
||||
TEMPDIR=signed.temp
|
||||
OUTDIR=signed-app
|
||||
|
||||
@ -31,21 +30,21 @@ if [ -z "${CODESIGN_ALLOCATE}" ]; then
|
||||
CODESIGN_ALLOCATE=${TEMPDIR}/codesign_allocate
|
||||
fi
|
||||
|
||||
for i in `find ${TEMPDIR} -name "*.sign"`; do
|
||||
SIZE=`stat -c %s ${i}`
|
||||
TARGET_FILE=`echo ${i} | sed 's/\.sign$//'`
|
||||
find ${TEMPDIR} -name "*.sign" | while read i; do
|
||||
SIZE=`stat -c %s "${i}"`
|
||||
TARGET_FILE="`echo "${i}" | sed 's/\.sign$//'`"
|
||||
|
||||
echo "Allocating space for the signature of size ${SIZE} in ${TARGET_FILE}"
|
||||
${CODESIGN_ALLOCATE} -i ${TARGET_FILE} -a ${ARCH} ${SIZE} -o ${i}.tmp
|
||||
${CODESIGN_ALLOCATE} -i "${TARGET_FILE}" -a ${ARCH} ${SIZE} -o "${i}.tmp"
|
||||
|
||||
OFFSET=`${PAGESTUFF} ${i}.tmp -p | tail -2 | grep offset | sed 's/[^0-9]*//g'`
|
||||
OFFSET=`${PAGESTUFF} "${i}.tmp" -p | tail -2 | grep offset | sed 's/[^0-9]*//g'`
|
||||
if [ -z ${QUIET} ]; then
|
||||
echo "Attaching signature at offset ${OFFSET}"
|
||||
fi
|
||||
|
||||
dd if=$i of=${i}.tmp bs=1 seek=${OFFSET} count=${SIZE} 2>/dev/null
|
||||
mv ${i}.tmp ${TARGET_FILE}
|
||||
rm ${i}
|
||||
dd if="$i" of="${i}.tmp" bs=1 seek=${OFFSET} count=${SIZE} 2>/dev/null
|
||||
mv "${i}.tmp" "${TARGET_FILE}"
|
||||
rm "${i}"
|
||||
echo "Success."
|
||||
done
|
||||
mv ${TEMPDIR}/${ROOTDIR} ${OUTDIR}
|
||||
|
@ -2,7 +2,7 @@
|
||||
set -e
|
||||
|
||||
ROOTDIR=dist
|
||||
BUNDLE=${ROOTDIR}/Bitcoin-Qt.app
|
||||
BUNDLE="${ROOTDIR}/Bitcoin Core.app"
|
||||
CODESIGN=codesign
|
||||
TEMPDIR=sign.temp
|
||||
TEMPLIST=${TEMPDIR}/signatures.txt
|
||||
@ -19,19 +19,19 @@ mkdir -p ${TEMPDIR}
|
||||
|
||||
${CODESIGN} -f --file-list ${TEMPLIST} "$@" "${BUNDLE}"
|
||||
|
||||
for i in `grep -v CodeResources ${TEMPLIST}`; do
|
||||
TARGETFILE="${BUNDLE}/`echo ${i} | sed "s|.*${BUNDLE}/||"`"
|
||||
SIZE=`pagestuff $i -p | tail -2 | grep size | sed 's/[^0-9]*//g'`
|
||||
OFFSET=`pagestuff $i -p | tail -2 | grep offset | sed 's/[^0-9]*//g'`
|
||||
grep -v CodeResources < "${TEMPLIST}" | while read i; do
|
||||
TARGETFILE="${BUNDLE}/`echo "${i}" | sed "s|.*${BUNDLE}/||"`"
|
||||
SIZE=`pagestuff "$i" -p | tail -2 | grep size | sed 's/[^0-9]*//g'`
|
||||
OFFSET=`pagestuff "$i" -p | tail -2 | grep offset | sed 's/[^0-9]*//g'`
|
||||
SIGNFILE="${TEMPDIR}/${TARGETFILE}.sign"
|
||||
DIRNAME="`dirname ${SIGNFILE}`"
|
||||
DIRNAME="`dirname "${SIGNFILE}"`"
|
||||
mkdir -p "${DIRNAME}"
|
||||
echo "Adding detached signature for: ${TARGETFILE}. Size: ${SIZE}. Offset: ${OFFSET}"
|
||||
dd if=$i of=${SIGNFILE} bs=1 skip=${OFFSET} count=${SIZE} 2>/dev/null
|
||||
dd if="$i" of="${SIGNFILE}" bs=1 skip=${OFFSET} count=${SIZE} 2>/dev/null
|
||||
done
|
||||
|
||||
for i in `grep CodeResources ${TEMPLIST}`; do
|
||||
TARGETFILE="${BUNDLE}/`echo ${i} | sed "s|.*${BUNDLE}/||"`"
|
||||
grep CodeResources < "${TEMPLIST}" | while read i; do
|
||||
TARGETFILE="${BUNDLE}/`echo "${i}" | sed "s|.*${BUNDLE}/||"`"
|
||||
RESOURCE="${TEMPDIR}/${TARGETFILE}"
|
||||
DIRNAME="`dirname "${RESOURCE}"`"
|
||||
mkdir -p "${DIRNAME}"
|
||||
@ -41,6 +41,6 @@ done
|
||||
|
||||
rm ${TEMPLIST}
|
||||
|
||||
tar -C ${TEMPDIR} -czf ${OUT} .
|
||||
rm -rf ${TEMPDIR}
|
||||
tar -C "${TEMPDIR}" -czf "${OUT}" .
|
||||
rm -rf "${TEMPDIR}"
|
||||
echo "Created ${OUT}"
|
||||
|
@ -22,7 +22,7 @@
|
||||
<integer>370</integer>
|
||||
<integer>156</integer>
|
||||
</array>
|
||||
<key>Bitcoin-Qt.app</key>
|
||||
<key>Bitcoin Core.app</key>
|
||||
<array>
|
||||
<integer>128</integer>
|
||||
<integer>156</integer>
|
||||
|
@ -155,7 +155,7 @@ class FrameworkInfo(object):
|
||||
class ApplicationBundleInfo(object):
|
||||
def __init__(self, path):
|
||||
self.path = path
|
||||
appName = os.path.splitext(os.path.basename(path))[0]
|
||||
appName = "Bitcoin-Qt"
|
||||
self.binaryPath = os.path.join(path, "Contents", "MacOS", appName)
|
||||
if not os.path.exists(self.binaryPath):
|
||||
raise RuntimeError("Could not find bundle binary for " + path)
|
||||
@ -596,7 +596,7 @@ if os.path.exists("dist"):
|
||||
|
||||
# ------------------------------------------------
|
||||
|
||||
target = os.path.join("dist", app_bundle)
|
||||
target = os.path.join("dist", "Bitcoin Core.app")
|
||||
|
||||
if verbose >= 2:
|
||||
print "+ Copying source bundle +"
|
||||
@ -837,7 +837,7 @@ if config.dmg is not None:
|
||||
items_positions.append(itemscript.substitute(params))
|
||||
|
||||
params = {
|
||||
"disk" : "Bitcoin-Qt",
|
||||
"disk" : "Bitcoin-Core",
|
||||
"window_bounds" : "300,300,800,620",
|
||||
"icon_size" : "96",
|
||||
"background_commands" : "",
|
||||
|
@ -100,7 +100,7 @@ Creating a release build
|
||||
------------------------
|
||||
You can ignore this section if you are building `bitcoind` for your own use.
|
||||
|
||||
bitcoind/bitcoin-cli binaries are not included in the Bitcoin-Qt.app bundle.
|
||||
bitcoind/bitcoin-cli binaries are not included in the Bitcoin-Core.app bundle.
|
||||
|
||||
If you are building `bitcoind` or `Bitcoin-Qt` for others, your build machine should be set up
|
||||
as follows for maximum compatibility:
|
||||
@ -111,7 +111,7 @@ All dependencies should be compiled with these flags:
|
||||
-arch x86_64
|
||||
-isysroot $(xcode-select --print-path)/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.7.sdk
|
||||
|
||||
Once dependencies are compiled, see [doc/release-process.md](release-process.md) for how the Bitcoin-Qt.app
|
||||
Once dependencies are compiled, see [doc/release-process.md](release-process.md) for how the Bitcoin-Core.app
|
||||
bundle is packaged and signed to create the .dmg disk image that is distributed.
|
||||
|
||||
Running
|
||||
|
@ -7,7 +7,7 @@ signing requests.
|
||||
|
||||
For OSX, the private key was generated by Keychain.app on Gavin's main work machine.
|
||||
The key and certificate is in a separate, passphrase-protected keychain file that is
|
||||
unlocked to sign the Bitcoin-Qt.app bundle.
|
||||
unlocked to sign the Bitcoin-Core.app bundle.
|
||||
|
||||
For Windows, the private key was generated by Firefox running on Gavin's main work machine.
|
||||
The key and certificate were exported into a separate, passphrase-protected PKCS#12 file, and
|
||||
@ -17,7 +17,7 @@ Threat analysis
|
||||
--
|
||||
|
||||
Gavin is a single point of failure. He could be coerced to divulge the secret signing keys,
|
||||
allowing somebody to distribute a Bitcoin-Qt.app or bitcoin-qt-setup.exe with a valid
|
||||
allowing somebody to distribute a Bitcoin-Core.app or bitcoin-qt-setup.exe with a valid
|
||||
signature but containing a malicious binary.
|
||||
|
||||
Or the machine Gavin uses to sign the binaries could be compromised, either remotely or
|
||||
|
Loading…
Reference in New Issue
Block a user