diff options
| author | bruvzg <7645683+bruvzg@users.noreply.github.com> | 2024-07-18 23:40:49 +0300 |
|---|---|---|
| committer | bruvzg <7645683+bruvzg@users.noreply.github.com> | 2024-07-18 23:40:49 +0300 |
| commit | 975ee76e2b29e03929c5857570a62978e8f059b5 (patch) | |
| tree | d1af0e7192bdf6e527d7d3aa6c658f32ee64cf72 | |
| parent | ff8a2780ee777c2456ce42368e1065774c7c4c3f (diff) | |
| download | redot-engine-975ee76e2b29e03929c5857570a62978e8f059b5.tar.gz | |
[macOS] Fix codesigning of .NET helper executables when sandboxing is disabled.
| -rw-r--r-- | platform/macos/export/export_plugin.cpp | 17 | ||||
| -rw-r--r-- | platform/macos/export/export_plugin.h | 4 |
2 files changed, 11 insertions, 10 deletions
diff --git a/platform/macos/export/export_plugin.cpp b/platform/macos/export/export_plugin.cpp index 73e2f2d45b..a934e991a1 100644 --- a/platform/macos/export/export_plugin.cpp +++ b/platform/macos/export/export_plugin.cpp @@ -1213,6 +1213,7 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code) { static Vector<String> extensions_to_sign; + bool sandbox = p_preset->get("codesign/entitlements/app_sandbox/enabled"); if (extensions_to_sign.is_empty()) { extensions_to_sign.push_back("dylib"); extensions_to_sign.push_back("framework"); @@ -1239,7 +1240,7 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres if (extensions_to_sign.has(current_file.get_extension())) { String ent_path = p_ent_path; bool set_bundle_id = false; - if (FileAccess::exists(current_file_path)) { + if (sandbox && FileAccess::exists(current_file_path)) { int ftype = MachO::get_filetype(current_file_path); if (ftype == 2 || ftype == 5) { ent_path = p_helper_ent_path; @@ -1274,7 +1275,7 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access const String &p_in_app_path, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, const String &p_helper_ent_path, - bool p_should_error_on_non_code_sign) { + bool p_should_error_on_non_code_sign, bool p_sandbox) { static Vector<String> extensions_to_sign; if (extensions_to_sign.is_empty()) { @@ -1368,7 +1369,7 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access if (extensions_to_sign.has(p_in_app_path.get_extension())) { String ent_path = p_ent_path; bool set_bundle_id = false; - if (FileAccess::exists(p_in_app_path)) { + if (p_sandbox && FileAccess::exists(p_in_app_path)) { int ftype = MachO::get_filetype(p_in_app_path); if (ftype == 2 || ftype == 5) { ent_path = p_helper_ent_path; @@ -1389,13 +1390,13 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access Error EditorExportPlatformMacOS::_export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin, const String &p_app_path_name, Ref<DirAccess> &dir_access, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, - const String &p_ent_path, const String &p_helper_ent_path) { + const String &p_ent_path, const String &p_helper_ent_path, bool p_sandbox) { Error error{ OK }; const Vector<String> &macos_plugins{ p_editor_export_plugin->get_macos_plugin_files() }; for (int i = 0; i < macos_plugins.size(); ++i) { String src_path{ ProjectSettings::get_singleton()->globalize_path(macos_plugins[i]) }; String path_in_app{ p_app_path_name + "/Contents/PlugIns/" + src_path.get_file() }; - error = _copy_and_sign_files(dir_access, src_path, path_in_app, p_sign_enabled, p_preset, p_ent_path, p_helper_ent_path, false); + error = _copy_and_sign_files(dir_access, src_path, path_in_app, p_sign_enabled, p_preset, p_ent_path, p_helper_ent_path, false, p_sandbox); if (error != OK) { break; } @@ -2168,11 +2169,11 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p String src_path = ProjectSettings::get_singleton()->globalize_path(shared_objects[i].path); if (shared_objects[i].target.is_empty()) { String path_in_app = tmp_app_path_name + "/Contents/Frameworks/" + src_path.get_file(); - err = _copy_and_sign_files(da, src_path, path_in_app, sign_enabled, p_preset, ent_path, hlp_ent_path, true); + err = _copy_and_sign_files(da, src_path, path_in_app, sign_enabled, p_preset, ent_path, hlp_ent_path, true, sandbox); } else { String path_in_app = tmp_app_path_name.path_join(shared_objects[i].target); tmp_app_dir->make_dir_recursive(path_in_app); - err = _copy_and_sign_files(da, src_path, path_in_app.path_join(src_path.get_file()), sign_enabled, p_preset, ent_path, hlp_ent_path, false); + err = _copy_and_sign_files(da, src_path, path_in_app.path_join(src_path.get_file()), sign_enabled, p_preset, ent_path, hlp_ent_path, false, sandbox); } if (err != OK) { break; @@ -2181,7 +2182,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p Vector<Ref<EditorExportPlugin>> export_plugins{ EditorExport::get_singleton()->get_export_plugins() }; for (int i = 0; i < export_plugins.size(); ++i) { - err = _export_macos_plugins_for(export_plugins[i], tmp_app_path_name, da, sign_enabled, p_preset, ent_path, hlp_ent_path); + err = _export_macos_plugins_for(export_plugins[i], tmp_app_path_name, da, sign_enabled, p_preset, ent_path, hlp_ent_path, sandbox); if (err != OK) { break; } diff --git a/platform/macos/export/export_plugin.h b/platform/macos/export/export_plugin.h index 6134d756b9..1929fc8d5f 100644 --- a/platform/macos/export/export_plugin.h +++ b/platform/macos/export/export_plugin.h @@ -94,10 +94,10 @@ class EditorExportPlatformMacOS : public EditorExportPlatform { Error _code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code = true); Error _copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, const String &p_in_app_path, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, const String &p_helper_ent_path, - bool p_should_error_on_non_code_sign); + bool p_should_error_on_non_code_sign, bool p_sandbox); Error _export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin, const String &p_app_path_name, Ref<DirAccess> &dir_access, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, - const String &p_ent_path, const String &p_helper_ent_path); + const String &p_ent_path, const String &p_helper_ent_path, bool p_sandbox); Error _create_dmg(const String &p_dmg_path, const String &p_pkg_name, const String &p_app_path_name); Error _create_pkg(const Ref<EditorExportPreset> &p_preset, const String &p_pkg_path, const String &p_app_path_name); Error _export_debug_script(const Ref<EditorExportPreset> &p_preset, const String &p_app_name, const String &p_pkg_name, const String &p_path); |