[cmake-developers] Support of codesign
Clinton Stimpson
clinton at elemtech.com
Tue Oct 21 11:44:33 EDT 2014
On Tuesday, October 21, 2014 04:37:56 PM A. Klitzing wrote:
> Hi,
>
> I attached another patch to address the given issues.
>
> On 09/26/2014 10:08 AM, clinton at elemtech.com wrote:
> > > I would suggest the SignPackage function be moved from
> > > cmCPackDragNDropGenerator to cmCPackBundleGenerator because
> > > its implementation is only usable by cmCPackBundleGenerator.
> > > It uses CPACK_BUNDLE_NAME which is only valid in the context
> > > of cmCPackBundleGenerator.
>
> Yes, I moved it and DragNDrop is untouched now. That was just a
> copy+paste+modify mistake.
>
> > On 09/29/2014 09:55 AM, clinton at elemtech.com wrote:
> > > Because it appears to only work with the Bundle generator, can
> > > you please move the documentation from Modules/CPackDMG.cmake
> > > to Modules/CPackBundle.cmake?
> > > Or did you intend to make this feature work for both the
> > > DragNDrop and Bundle generator?
>
> Same here....
>
> > On 09/29/2014 02:00 PM, Clinton Stimpson wrote:
> > > I think application signing is generally not a CPack thing, but
> > > there probably isn't much of a choice if the Bundle generator
> > > is used.
>
> Well, it isn't possible to sign that bundle without it. There must be a
> step between bundle and dmg. Maybe cmake could support that, too. So custom
> processing could be more flexible.
It *is* possible by using the more customizable DragNDrop generator. With the
DragNDrop generator, you will have a chance to sign the bundle before its put
into a dmg. You also have that same chance with the PackageMaker generator.
Because the design of this Bundle generator is not consistent with the rest of
the CPack generators, you don't have this same chance, and the only way to do
customization is to keep adding patches like yours.
> But I think cmake should support more codesigning tools by itself to unify
> the handling. For example.... we sign our MSI for windows with a custom
> command. This could be integrated into a unifed CPACK variable.
A code signing solution in CMake would be an interesting proposition.
Clint
More information about the cmake-developers
mailing list