Manually code-sign after running install_name_tool
This commit is contained in:
parent
d517333446
commit
25bfa15371
|
@ -356,14 +356,11 @@ fn copy_sanitizers(
|
|||
builder.copy(&runtime.path, &dst);
|
||||
|
||||
if target == "x86_64-apple-darwin" || target == "aarch64-apple-darwin" {
|
||||
// Update the library install name reflect the fact it has been renamed.
|
||||
let status = Command::new("install_name_tool")
|
||||
.arg("-id")
|
||||
.arg(format!("@rpath/{}", runtime.name))
|
||||
.arg(&dst)
|
||||
.status()
|
||||
.expect("failed to execute `install_name_tool`");
|
||||
assert!(status.success());
|
||||
// Update the library’s install name to reflect that it has has been renamed.
|
||||
apple_darwin_update_library_name(&dst, &format!("@rpath/{}", &runtime.name));
|
||||
// Upon renaming the install name, the code signature of the file will invalidate,
|
||||
// so we will sign it again.
|
||||
apple_darwin_sign_file(&dst);
|
||||
}
|
||||
|
||||
target_deps.push(dst);
|
||||
|
@ -372,6 +369,27 @@ fn copy_sanitizers(
|
|||
target_deps
|
||||
}
|
||||
|
||||
fn apple_darwin_update_library_name(library_path: &Path, new_name: &str) {
|
||||
let status = Command::new("install_name_tool")
|
||||
.arg("-id")
|
||||
.arg(new_name)
|
||||
.arg(library_path)
|
||||
.status()
|
||||
.expect("failed to execute `install_name_tool`");
|
||||
assert!(status.success());
|
||||
}
|
||||
|
||||
fn apple_darwin_sign_file(file_path: &Path) {
|
||||
let status = Command::new("codesign")
|
||||
.arg("-f") // Force to rewrite the existing signature
|
||||
.arg("-s")
|
||||
.arg("-")
|
||||
.arg(file_path)
|
||||
.status()
|
||||
.expect("failed to execute `codesign`");
|
||||
assert!(status.success());
|
||||
}
|
||||
|
||||
#[derive(Debug, Copy, Clone, PartialEq, Eq, Hash)]
|
||||
pub struct StartupObjects {
|
||||
pub compiler: Compiler,
|
||||
|
|
Loading…
Reference in New Issue