diff --git a/avidemux/osxInstaller/CMakeLists.txt b/avidemux/osxInstaller/CMakeLists.txt index eaff8ffb8..43547c07a 100644 --- a/avidemux/osxInstaller/CMakeLists.txt +++ b/avidemux/osxInstaller/CMakeLists.txt @@ -120,6 +120,7 @@ ENDFOREACH(lang ${ListOfTranslationFiles}) # Fixup bundle CONFIGURE_FILE("${CMAKE_SOURCE_DIR}/cmake/admFixupBundle.cmake.in" "${CMAKE_BINARY_DIR}/admFixupBundle.cmake" @ONLY) +CONFIGURE_FILE("${CMAKE_SOURCE_DIR}/cmake/macos-adhoc-sign-app.sh.in" "${CMAKE_BINARY_DIR}/macos-adhoc-sign-app.sh" @ONLY) INSTALL(SCRIPT "${CMAKE_BINARY_DIR}/admFixupBundle.cmake" COMPONENT Runtime) # diff --git a/avidemux/osxInstaller/cmake/admFixupBundle.cmake.in b/avidemux/osxInstaller/cmake/admFixupBundle.cmake.in index 5c38b451d..ecfaa7f1c 100644 --- a/avidemux/osxInstaller/cmake/admFixupBundle.cmake.in +++ b/avidemux/osxInstaller/cmake/admFixupBundle.cmake.in @@ -63,4 +63,11 @@ FOREACH(frame ${frameworks}) FILE(REMOVE_RECURSE "${frame}/Versions/Current") FILE(REMOVE_RECURSE "${frame}/Versions/@ADM_QT_VERSION@/Headers") # Create symlinks ? -ENDFOREACH(frame ${frameworks}) \ No newline at end of file +ENDFOREACH(frame ${frameworks}) + +IF(ADM_CPU_ARM64) + MESSAGE(STATUS "") + MESSAGE(STATUS "Trying to adhoc-sign the app, script: ${CMAKE_BINARY_DIR}/macos-adhoc-sign-app.sh") + MESSAGE(STATUS "") + EXECUTE_PROCESS(COMMAND bash "${CMAKE_BINARY_DIR}/macos-adhoc-sign-app.sh") +ENDIF(ADM_CPU_ARM64) diff --git a/avidemux/osxInstaller/cmake/macos-adhoc-sign-app.sh.in b/avidemux/osxInstaller/cmake/macos-adhoc-sign-app.sh.in new file mode 100644 index 000000000..0c92e88a0 --- /dev/null +++ b/avidemux/osxInstaller/cmake/macos-adhoc-sign-app.sh.in @@ -0,0 +1,101 @@ +#!/bin/bash +fail() +{ + echo "** $1 **" + exit 1 +} +sign() +{ + /usr/bin/codesign --force -s - $1 || fail "Error ad-hoc signing $1" +} + +BUNDLE_CONTENT="@BUNDLE@/Contents" + +if [ ! -d "${BUNDLE_CONTENT}" ] +then + fail "Error: directory \"${BUNDLE_CONTENT}\" doesn't exist." +fi +# +# Qt frameworks +# +for fw in \ +QtCore \ +QtDBus \ +QtGui \ +QtNetwork \ +QtOpenGL \ +QtOpenGLWidgets \ +QtWidgets +do + sign ${BUNDLE_CONTENT}/Frameworks/${fw}.framework/Versions/A/${fw} +done +# +# Qt plugins +# +for folder in \ +platforms \ +styles +do + for lib in ${BUNDLE_CONTENT}/PlugIns/${folder}/*.dylib + do + sign ${lib} + done +done +# +# Other frameworks +# +for lib in ${BUNDLE_CONTENT}/Frameworks/*.dylib +do + sign ${lib} +done +# +# Avidemux plugins +# +PLUGDIR=${BUNDLE_CONTENT}/MacOS/ADM_plugins6 +for folder in \ +audioDecoder \ +audioDevices \ +audioEncoders \ +demuxers \ +muxers \ +scriptEngines \ +videoDecoders \ +videoEncoders \ +videoEncoders/qt6 \ +videoFilters \ +videoFilters/cli \ +videoFilters/qt6 +do + for lib in ${PLUGDIR}/${folder}/*.dylib + do + sign ${lib} + done +done +# +# Do JSON encoder presets, tinyPy scripts & Co. need a signature too? +# +for textfile in \ +${PLUGDIR}/autoScripts/*.py \ +${PLUGDIR}/autoScripts/lib/*.py \ +${PLUGDIR}/pluginSettings/x264/3/*.json \ +${PLUGDIR}/shaderDemo/1/*.shader +do + sign ${textfile} +done +# +# Executables +# +for exe in \ +avidemux_cli \ +avidemux_jobs +do + sign ${BUNDLE_CONTENT}/MacOS/${exe} +done +# +# Re-signing the main Avidemux executable is expected to return an error, the app should work nevertheless. +# +/usr/bin/codesign --force -s - ${BUNDLE_CONTENT}/MacOS/Avidemux2.8 +echo "** Bundle format warning, if issued, should be ignored. **" +echo "** Subsequent warnings from install_name_tool about invalidation of signatures may be ignored either. **" +echo "** Ad-hoc signing completed. **" +exit 0 \ No newline at end of file