diff options
author | Gerald Combs <gerald@wireshark.org> | 2013-11-10 21:44:50 +0000 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2013-11-10 21:44:50 +0000 |
commit | 1fc8fd9ba20e74da6116f7daf430329a8d32c4c5 (patch) | |
tree | acac769e813a10ec32ceb1b6464b92691ab6b238 /packaging | |
parent | 4945174ae6e9200f65db68a85d1805523d6ccc43 (diff) |
Be exceedingly diligent about checking OS X package signatures.
svn path=/trunk/; revision=53242
Diffstat (limited to 'packaging')
-rwxr-xr-x | packaging/macosx/osx-dmg.sh.in | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/packaging/macosx/osx-dmg.sh.in b/packaging/macosx/osx-dmg.sh.in index 952cf63c67..4efd39d915 100755 --- a/packaging/macosx/osx-dmg.sh.in +++ b/packaging/macosx/osx-dmg.sh.in @@ -164,8 +164,9 @@ if [ -n "$CODE_SIGN_IDENTITY" ] ; then mv "$pkg_file" "$pkg_file_unsigned" || exit 1 productsign --sign "Developer ID Installer: $CODE_SIGN_IDENTITY" "$pkg_file_unsigned" "$pkg_file" || exit 1 codesign --sign "$CODE_SIGN_IDENTITY" --verify "$pkg_file" || exit 1 - spctl --assess --type install "$pkg_file" #|| exit 1 - shasum "$pkg_file" + spctl --assess --type install "$pkg_file" || exit 1 + pkgutil --check-signature "$pkg_file" || exit 1 + shasum "$pkg_file" rm -rf "$pkg_dir_unsigned" "$pkg_file_unsigned" "$pkg_file_flattened" else echo "Code signing not performed (no identity)" |