Closed leo-hydraulic closed 10 months ago
Thanks for this PR.
I recognize there's a bug with nested bundle signing and this patch is possibly the valid fix.
But I'm extremely busy with non open source commitments at the moment and can't promise when I'll have time to look at this. Hopefully in the next few weeks. But no promises.
I've cherry picked the "
and empty CMS blob changes to the main
branch. Thanks for those fixes!
What's left is the bundle handling change. I need to spend a few hours to go over the bundle handling code.
Also in the main
branch are a ton of new .trycmd
tests. The presence of those should hopefully make it easier to test/verify the impact of any changes to the bundle signing code.
I rewrote the bundle signing code yesterday and today. See b26376f50bfb13a024938004531474d40676e578 for the biggest commit. But there were several smaller bugs fixed in the past few days. I believe the new bundle traversal logic is much more in line with how Apple does it.
I think all components of this PR have effectively merged. So closing this.
Thanks for your contributions! They were helpful in fixing some longstanding issues with bundle signing.
I've carefully inspected apple's source code to identify differences between using "codesign" vs using "rcodesign" to sign the Sparkle framework. The code in this change successfully creates the appropriate sealed resources. The main differences are: 1) Always process nested bundles, even if the bundle is shallow. That is a bold move, but also: 2) Only sign nested bundles that contain a "." in the name. That is literally how Apple does it. And: 3) Only sign nested bundles if they match a "nested" rule. That is also in the Apple source code.
It would be useful to have test cases including situations where you observed that framework bundles didn't include nested bundles in the resources, to see if my changes keep the correct behavior.