We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 1999 - The mac framework is not signed
Summary: The mac framework is not signed
Status: RESOLVED FIXED
Alias: None
Product: SDL
Classification: Unclassified
Component: build (show other bugs)
Version: don't know
Hardware: All Mac OS X (All)
: P2 major
Assignee: Sam Lantinga
QA Contact: Sam Lantinga
URL:
Keywords: target-2.0.0
Depends on:
Blocks:
 
Reported: 2013-07-30 12:42 UTC by dak180
Modified: 2013-08-01 01:13 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description dak180 2013-07-30 12:42:15 UTC 
Frameworks, according to Apple should be signed by their builders.

Preferably this should be done with an apple dev id but anything would be better than nothing.
Comment 1 Sam Lantinga 2013-07-31 00:41:09 UTC 
It is now, thanks!
http://hg.libsdl.org/SDL/rev/ff3e041c27f3
Comment 2 dak180 2013-07-31 00:54:12 UTC 
Depending on what osx version you build / sign on (and the signing identity used) this may produce a signature that is not valid on 10.6 and / or 10.5 while still being valid on 10.7+.

If you have a signed binary somewhere handy I would be happy to check and help fix it if so.
Comment 3 Sam Lantinga 2013-07-31 02:15:25 UTC 
Great, here's a signed framework:
http://www.libsdl.org/tmp/release/SDL2-2.0.0.dmg
Comment 4 dak180 2013-07-31 02:32:36 UTC 
Well this is interesting:

codesign -vvv /Volumes/SDL2/SDL2.framework/Versions/A 
/Volumes/SDL2/SDL2.framework/Versions/A: object file format invalid or unsuitable

I will look into this more in a few hours.
Comment 5 Sam Lantinga 2013-07-31 02:35:57 UTC 
Yes please.  Here's what I get:
codesign -vvv /Volumes/SDL2/SDL2.framework/Versions/A
/Volumes/SDL2/SDL2.framework/Versions/A: valid on disk
/Volumes/SDL2/SDL2.framework/Versions/A: satisfies its Designated Requirement
Comment 6 dak180 2013-07-31 08:47:59 UTC 
Having looked into it a bit the first thing that will need to be done is:

	<key>CFBundleExecutable</key>
	<string>${EXECUTABLE_NAME}</string>

added to the info.plist file.

Once that is done I should test test it again.
Comment 7 Sam Lantinga 2013-08-01 00:37:48 UTC 
Okay, try now...
Comment 8 dak180 2013-08-01 01:13:24 UTC 
It now tests as:

codesign -vvv /Volumes/SDL2/SDL2.framework/Versions/A /Volumes/SDL2/SDL2.framework/Versions/A: valid on disk
/Volumes/SDL2/SDL2.framework/Versions/A: satisfies its Designated Requirement

and

codesign -d -r- /Volumes/SDL2/SDL2.framework/Versions/A
Executable=/Volumes/SDL2/SDL2.framework/Versions/A/SDL2
designated => identifier "org.libsdl.SDL2" and anchor apple generic and certificate leaf[subject.CN] = "Mac Developer: Sam Lantinga (84TP7N5TA4)" and certificate 1[field.1.2.840.113635.100.6.2.1] /* exists */

which works on 10.6 an 10.5.

Keep in mind that you will need to move to a custom codesignrequirement.rqset file should you need to have someone else sign the framework or should your cert's common name field ever not be "Mac Developer: Sam Lantinga (84TP7N5TA4)" (and that change would need to happen before it was signed with the new cert).