1#!/bin/bash -p 2 3# Copyright (c) 2009 The Chromium Authors. All rights reserved. 4# Use of this source code is governed by a BSD-style license that can be 5# found in the LICENSE file. 6 7# This script creates sign_app.sh and sign_versioned_dir.sh, the scripts that 8# will be used to sign the application bundle and inner bundles. It also 9# creates auxiliary files that these scripts need to do their jobs, such as 10# the custom resource rules used to sign the outermost application bundle. 11# The build places these in the "${mac_product_name} Packaging" directory next 12# to the .app bundle. The packaging system is expected to run these scripts to 13# sign everything. 14 15set -eu 16 17# Environment sanitization. Set a known-safe PATH. Clear environment variables 18# that might impact the interpreter's operation. The |bash -p| invocation 19# on the #! line takes the bite out of BASH_ENV, ENV, and SHELLOPTS (among 20# other features), but clearing them here ensures that they won't impact any 21# shell scripts used as utility programs. SHELLOPTS is read-only and can't be 22# unset, only unexported. 23export PATH="/usr/bin:/bin:/usr/sbin:/sbin" 24unset BASH_ENV CDPATH ENV GLOBIGNORE IFS POSIXLY_CORRECT 25export -n SHELLOPTS 26 27ME="$(basename "${0}")" 28readonly ME 29 30if [[ ${#} -ne 3 ]]; then 31 echo "usage: ${ME} packaging_dir mac_product_name version" >& 2 32 exit 1 33fi 34 35packaging_dir="${1}" 36mac_product_name="${2}" 37version="${3}" 38 39script_dir="$(dirname "${0}")" 40in_files=( 41 "${script_dir}/sign_app.sh.in" 42 "${script_dir}/sign_versioned_dir.sh.in" 43 "${script_dir}/app_resource_rules.plist.in" 44) 45 46# Double-backslash each dot: one backslash belongs in the regular expression, 47# and the other backslash tells sed not to treat the first backslash 48# specially. 49version_regex="$(echo "${version}" | sed -e 's/\./\\\\./g')" 50 51mkdir -p "${packaging_dir}" 52 53for in_file in "${in_files[@]}"; do 54 out_file="${packaging_dir}/$(basename "${in_file:0:${#in_file} - 3}")" 55 sed -e "s/@MAC_PRODUCT_NAME@/${mac_product_name}/g" \ 56 -e "s/@VERSION@/${version}/g" \ 57 -e "s/@VERSION_REGEX@/${version_regex}/g" \ 58 < "${in_file}" \ 59 > "${out_file}" 60 61 if [[ "${out_file: -3}" = ".sh" ]]; then 62 chmod +x "${out_file}" 63 fi 64done 65