diff options
author | Michael Brüning <michael.bruning@qt.io> | 2020-03-26 16:11:56 +0100 |
---|---|---|
committer | Michael Brüning <michael.bruning@qt.io> | 2020-03-31 12:24:33 +0100 |
commit | 89ea26e93ee0410fb3a33b315d928fce05c3ef9e (patch) | |
tree | 4e2e9466f7124a23314d60593a06720493b8f103 /src/macdeployqt/shared/shared.cpp | |
parent | ebb0380a4ef3410f5957b472203360fd67fe3b1d (diff) |
[macdeployqt] Add option to include secure timestamp when signing
Apple now requires the developer to include a secure timestamp in the
application's signature in order for notarization to succeed.
Add an option to do this to macdeployqt.
Change-Id: Ia884de80822661abcf65a287e4dc8429ec24b766
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
Diffstat (limited to 'src/macdeployqt/shared/shared.cpp')
-rw-r--r-- | src/macdeployqt/shared/shared.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/macdeployqt/shared/shared.cpp b/src/macdeployqt/shared/shared.cpp index cc3b2607b..607dce880 100644 --- a/src/macdeployqt/shared/shared.cpp +++ b/src/macdeployqt/shared/shared.cpp @@ -55,6 +55,7 @@ QStringList librarySearchPath; QString codesignIdentiy; QString extraEntitlements; bool hardenedRuntime = false; +bool secureTimestamp = false; bool appstoreCompliant = false; int logLevel = 1; bool deployFramework = false; @@ -1392,7 +1393,9 @@ void codesignFile(const QString &identity, const QString &filePath) QString codeSignLogMessage = "codesign"; if (hardenedRuntime) - codeSignLogMessage += ", enable hardned runtime"; + codeSignLogMessage += ", enable hardened runtime"; + if (secureTimestamp) + codeSignLogMessage += ", include secure timestamp"; LogNormal() << codeSignLogMessage << filePath; QStringList codeSignOptions = { "--preserve-metadata=identifier,entitlements", "--force", "-s", @@ -1400,6 +1403,9 @@ void codesignFile(const QString &identity, const QString &filePath) if (hardenedRuntime) codeSignOptions << "-o" << "runtime"; + if (secureTimestamp) + codeSignOptions << "--timestamp"; + if (!extraEntitlements.isEmpty()) codeSignOptions << "--entitlements" << extraEntitlements; |