We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 1999

Summary: The mac framework is not signed
Product: SDL Reporter: dak180 <dak180>
Component: buildAssignee: Sam Lantinga <slouken>
Status: RESOLVED FIXED QA Contact: Sam Lantinga <slouken>
Severity: major    
Priority: P2 Keywords: target-2.0.0
Version: don't know   
Hardware: All   
OS: Mac OS X (All)   

Description dak180 2013-07-30 12:42:15 UTC 
Frameworks, according to Apple should be signed by their builders.

Preferably this should be done with an apple dev id but anything would be better than nothing.
Comment 1 Sam Lantinga 2013-07-31 00:41:09 UTC 
It is now, thanks!
http://hg.libsdl.org/SDL/rev/ff3e041c27f3
Comment 2 dak180 2013-07-31 00:54:12 UTC 
Depending on what osx version you build / sign on (and the signing identity used) this may produce a signature that is not valid on 10.6 and / or 10.5 while still being valid on 10.7+.

If you have a signed binary somewhere handy I would be happy to check and help fix it if so.
Comment 3 Sam Lantinga 2013-07-31 02:15:25 UTC 
Great, here's a signed framework:
http://www.libsdl.org/tmp/release/SDL2-2.0.0.dmg
Comment 4 dak180 2013-07-31 02:32:36 UTC 
Well this is interesting:

codesign -vvv /Volumes/SDL2/SDL2.framework/Versions/A 
/Volumes/SDL2/SDL2.framework/Versions/A: object file format invalid or unsuitable

I will look into this more in a few hours.
Comment 5 Sam Lantinga 2013-07-31 02:35:57 UTC 
Yes please.  Here's what I get:
codesign -vvv /Volumes/SDL2/SDL2.framework/Versions/A
/Volumes/SDL2/SDL2.framework/Versions/A: valid on disk
/Volumes/SDL2/SDL2.framework/Versions/A: satisfies its Designated Requirement
Comment 6 dak180 2013-07-31 08:47:59 UTC 
Having looked into it a bit the first thing that will need to be done is:

	<key>CFBundleExecutable</key>
	<string>${EXECUTABLE_NAME}</string>

added to the info.plist file.

Once that is done I should test test it again.
Comment 7 Sam Lantinga 2013-08-01 00:37:48 UTC 
Okay, try now...
Comment 8 dak180 2013-08-01 01:13:24 UTC 
It now tests as:

codesign -vvv /Volumes/SDL2/SDL2.framework/Versions/A /Volumes/SDL2/SDL2.framework/Versions/A: valid on disk
/Volumes/SDL2/SDL2.framework/Versions/A: satisfies its Designated Requirement

and

codesign -d -r- /Volumes/SDL2/SDL2.framework/Versions/A
Executable=/Volumes/SDL2/SDL2.framework/Versions/A/SDL2
designated => identifier "org.libsdl.SDL2" and anchor apple generic and certificate leaf[subject.CN] = "Mac Developer: Sam Lantinga (84TP7N5TA4)" and certificate 1[field.1.2.840.113635.100.6.2.1] /* exists */

which works on 10.6 an 10.5.

Keep in mind that you will need to move to a custom codesignrequirement.rqset file should you need to have someone else sign the framework or should your cert's common name field ever not be "Mac Developer: Sam Lantinga (84TP7N5TA4)" (and that change would need to happen before it was signed with the new cert).