Merge pull request #94518 from bruvzg/mac_net_non_sandboxed_sign
[macOS] Fix codesigning of .NET helper executables when sandboxing is disabled.
This commit is contained in:
commit
cf9e485696
|
@ -1213,6 +1213,7 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres
|
||||||
const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code) {
|
const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code) {
|
||||||
static Vector<String> extensions_to_sign;
|
static Vector<String> extensions_to_sign;
|
||||||
|
|
||||||
|
bool sandbox = p_preset->get("codesign/entitlements/app_sandbox/enabled");
|
||||||
if (extensions_to_sign.is_empty()) {
|
if (extensions_to_sign.is_empty()) {
|
||||||
extensions_to_sign.push_back("dylib");
|
extensions_to_sign.push_back("dylib");
|
||||||
extensions_to_sign.push_back("framework");
|
extensions_to_sign.push_back("framework");
|
||||||
|
@ -1239,7 +1240,7 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres
|
||||||
if (extensions_to_sign.has(current_file.get_extension())) {
|
if (extensions_to_sign.has(current_file.get_extension())) {
|
||||||
String ent_path = p_ent_path;
|
String ent_path = p_ent_path;
|
||||||
bool set_bundle_id = false;
|
bool set_bundle_id = false;
|
||||||
if (FileAccess::exists(current_file_path)) {
|
if (sandbox && FileAccess::exists(current_file_path)) {
|
||||||
int ftype = MachO::get_filetype(current_file_path);
|
int ftype = MachO::get_filetype(current_file_path);
|
||||||
if (ftype == 2 || ftype == 5) {
|
if (ftype == 2 || ftype == 5) {
|
||||||
ent_path = p_helper_ent_path;
|
ent_path = p_helper_ent_path;
|
||||||
|
@ -1274,7 +1275,7 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access
|
||||||
const String &p_in_app_path, bool p_sign_enabled,
|
const String &p_in_app_path, bool p_sign_enabled,
|
||||||
const Ref<EditorExportPreset> &p_preset, const String &p_ent_path,
|
const Ref<EditorExportPreset> &p_preset, const String &p_ent_path,
|
||||||
const String &p_helper_ent_path,
|
const String &p_helper_ent_path,
|
||||||
bool p_should_error_on_non_code_sign) {
|
bool p_should_error_on_non_code_sign, bool p_sandbox) {
|
||||||
static Vector<String> extensions_to_sign;
|
static Vector<String> extensions_to_sign;
|
||||||
|
|
||||||
if (extensions_to_sign.is_empty()) {
|
if (extensions_to_sign.is_empty()) {
|
||||||
|
@ -1368,7 +1369,7 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access
|
||||||
if (extensions_to_sign.has(p_in_app_path.get_extension())) {
|
if (extensions_to_sign.has(p_in_app_path.get_extension())) {
|
||||||
String ent_path = p_ent_path;
|
String ent_path = p_ent_path;
|
||||||
bool set_bundle_id = false;
|
bool set_bundle_id = false;
|
||||||
if (FileAccess::exists(p_in_app_path)) {
|
if (p_sandbox && FileAccess::exists(p_in_app_path)) {
|
||||||
int ftype = MachO::get_filetype(p_in_app_path);
|
int ftype = MachO::get_filetype(p_in_app_path);
|
||||||
if (ftype == 2 || ftype == 5) {
|
if (ftype == 2 || ftype == 5) {
|
||||||
ent_path = p_helper_ent_path;
|
ent_path = p_helper_ent_path;
|
||||||
|
@ -1389,13 +1390,13 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access
|
||||||
Error EditorExportPlatformMacOS::_export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin,
|
Error EditorExportPlatformMacOS::_export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin,
|
||||||
const String &p_app_path_name, Ref<DirAccess> &dir_access,
|
const String &p_app_path_name, Ref<DirAccess> &dir_access,
|
||||||
bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset,
|
bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset,
|
||||||
const String &p_ent_path, const String &p_helper_ent_path) {
|
const String &p_ent_path, const String &p_helper_ent_path, bool p_sandbox) {
|
||||||
Error error{ OK };
|
Error error{ OK };
|
||||||
const Vector<String> &macos_plugins{ p_editor_export_plugin->get_macos_plugin_files() };
|
const Vector<String> &macos_plugins{ p_editor_export_plugin->get_macos_plugin_files() };
|
||||||
for (int i = 0; i < macos_plugins.size(); ++i) {
|
for (int i = 0; i < macos_plugins.size(); ++i) {
|
||||||
String src_path{ ProjectSettings::get_singleton()->globalize_path(macos_plugins[i]) };
|
String src_path{ ProjectSettings::get_singleton()->globalize_path(macos_plugins[i]) };
|
||||||
String path_in_app{ p_app_path_name + "/Contents/PlugIns/" + src_path.get_file() };
|
String path_in_app{ p_app_path_name + "/Contents/PlugIns/" + src_path.get_file() };
|
||||||
error = _copy_and_sign_files(dir_access, src_path, path_in_app, p_sign_enabled, p_preset, p_ent_path, p_helper_ent_path, false);
|
error = _copy_and_sign_files(dir_access, src_path, path_in_app, p_sign_enabled, p_preset, p_ent_path, p_helper_ent_path, false, p_sandbox);
|
||||||
if (error != OK) {
|
if (error != OK) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -2168,11 +2169,11 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p
|
||||||
String src_path = ProjectSettings::get_singleton()->globalize_path(shared_objects[i].path);
|
String src_path = ProjectSettings::get_singleton()->globalize_path(shared_objects[i].path);
|
||||||
if (shared_objects[i].target.is_empty()) {
|
if (shared_objects[i].target.is_empty()) {
|
||||||
String path_in_app = tmp_app_path_name + "/Contents/Frameworks/" + src_path.get_file();
|
String path_in_app = tmp_app_path_name + "/Contents/Frameworks/" + src_path.get_file();
|
||||||
err = _copy_and_sign_files(da, src_path, path_in_app, sign_enabled, p_preset, ent_path, hlp_ent_path, true);
|
err = _copy_and_sign_files(da, src_path, path_in_app, sign_enabled, p_preset, ent_path, hlp_ent_path, true, sandbox);
|
||||||
} else {
|
} else {
|
||||||
String path_in_app = tmp_app_path_name.path_join(shared_objects[i].target);
|
String path_in_app = tmp_app_path_name.path_join(shared_objects[i].target);
|
||||||
tmp_app_dir->make_dir_recursive(path_in_app);
|
tmp_app_dir->make_dir_recursive(path_in_app);
|
||||||
err = _copy_and_sign_files(da, src_path, path_in_app.path_join(src_path.get_file()), sign_enabled, p_preset, ent_path, hlp_ent_path, false);
|
err = _copy_and_sign_files(da, src_path, path_in_app.path_join(src_path.get_file()), sign_enabled, p_preset, ent_path, hlp_ent_path, false, sandbox);
|
||||||
}
|
}
|
||||||
if (err != OK) {
|
if (err != OK) {
|
||||||
break;
|
break;
|
||||||
|
@ -2181,7 +2182,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p
|
||||||
|
|
||||||
Vector<Ref<EditorExportPlugin>> export_plugins{ EditorExport::get_singleton()->get_export_plugins() };
|
Vector<Ref<EditorExportPlugin>> export_plugins{ EditorExport::get_singleton()->get_export_plugins() };
|
||||||
for (int i = 0; i < export_plugins.size(); ++i) {
|
for (int i = 0; i < export_plugins.size(); ++i) {
|
||||||
err = _export_macos_plugins_for(export_plugins[i], tmp_app_path_name, da, sign_enabled, p_preset, ent_path, hlp_ent_path);
|
err = _export_macos_plugins_for(export_plugins[i], tmp_app_path_name, da, sign_enabled, p_preset, ent_path, hlp_ent_path, sandbox);
|
||||||
if (err != OK) {
|
if (err != OK) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
|
@ -94,10 +94,10 @@ class EditorExportPlatformMacOS : public EditorExportPlatform {
|
||||||
Error _code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code = true);
|
Error _code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code = true);
|
||||||
Error _copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, const String &p_in_app_path,
|
Error _copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, const String &p_in_app_path,
|
||||||
bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, const String &p_helper_ent_path,
|
bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, const String &p_helper_ent_path,
|
||||||
bool p_should_error_on_non_code_sign);
|
bool p_should_error_on_non_code_sign, bool p_sandbox);
|
||||||
Error _export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin, const String &p_app_path_name,
|
Error _export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin, const String &p_app_path_name,
|
||||||
Ref<DirAccess> &dir_access, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset,
|
Ref<DirAccess> &dir_access, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset,
|
||||||
const String &p_ent_path, const String &p_helper_ent_path);
|
const String &p_ent_path, const String &p_helper_ent_path, bool p_sandbox);
|
||||||
Error _create_dmg(const String &p_dmg_path, const String &p_pkg_name, const String &p_app_path_name);
|
Error _create_dmg(const String &p_dmg_path, const String &p_pkg_name, const String &p_app_path_name);
|
||||||
Error _create_pkg(const Ref<EditorExportPreset> &p_preset, const String &p_pkg_path, const String &p_app_path_name);
|
Error _create_pkg(const Ref<EditorExportPreset> &p_preset, const String &p_pkg_path, const String &p_app_path_name);
|
||||||
Error _export_debug_script(const Ref<EditorExportPreset> &p_preset, const String &p_app_name, const String &p_pkg_name, const String &p_path);
|
Error _export_debug_script(const Ref<EditorExportPreset> &p_preset, const String &p_app_name, const String &p_pkg_name, const String &p_path);
|
||||||
|
|
Loading…
Reference in New Issue