* codesigning gdb on darwin?
@ 2010-04-03 23:49 Jack Howarth
2010-04-04 1:46 ` Jack Howarth
0 siblings, 1 reply; 2+ messages in thread
From: Jack Howarth @ 2010-04-03 23:49 UTC (permalink / raw)
To: gdb
Has anyone managed to codesign a local build of
FSF gdb 7.1 on darwin9/10 using a local self-signed
certificate? In my attempt, I first created and trusted
a self-signed certificate in the KeyChain Access
application, created a Info.plist for the fsf-gdb
(built with a fsf- prefix) using the common name
from that self-signed certificate, built fsf-gdb
using -sectcreate __TEXT __info_plist ./gdb/Info.plist
added on LDFLAGS and then codesigned the installed
binary using the common name of the self signed
certificate. This doesn't provided access to the
required Mach port and 'codesign -d -r - /sw/bin/fsf-gdb'
shows...
Executable=/sw/bin/fsf-gdb
library => identifier "libz.1.2.3.dylib" and anchor apple or identifier "libSystem.B.dylib" and anchor apple
# designated => identifier "org.gnu.gdb" and certificate root = H"eee294eed062a327b66695ce2e283f03c31107da"
Has anyone tried this? Before I sign the fsf-gdb binary
'codesign -d -r' reports it as unsigned, but signing it
seems to silently default to org.gnu.gdb.
Jack
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: codesigning gdb on darwin?
2010-04-03 23:49 codesigning gdb on darwin? Jack Howarth
@ 2010-04-04 1:46 ` Jack Howarth
0 siblings, 0 replies; 2+ messages in thread
From: Jack Howarth @ 2010-04-04 1:46 UTC (permalink / raw)
To: gdb
On Sat, Apr 03, 2010 at 07:48:36PM -0400, Jack Howarth wrote:
> Has anyone managed to codesign a local build of
> FSF gdb 7.1 on darwin9/10 using a local self-signed
> certificate? In my attempt, I first created and trusted
> a self-signed certificate in the KeyChain Access
> application, created a Info.plist for the fsf-gdb
> (built with a fsf- prefix) using the common name
> from that self-signed certificate, built fsf-gdb
> using -sectcreate __TEXT __info_plist ./gdb/Info.plist
> added on LDFLAGS and then codesigned the installed
> binary using the common name of the self signed
> certificate. This doesn't provided access to the
> required Mach port and 'codesign -d -r - /sw/bin/fsf-gdb'
> shows...
>
> Executable=/sw/bin/fsf-gdb
> library => identifier "libz.1.2.3.dylib" and anchor apple or identifier "libSystem.B.dylib" and anchor apple
> # designated => identifier "org.gnu.gdb" and certificate root = H"eee294eed062a327b66695ce2e283f03c31107da"
>
> Has anyone tried this? Before I sign the fsf-gdb binary
> 'codesign -d -r' reports it as unsigned, but signing it
> seems to silently default to org.gnu.gdb.
> Jack
To answer my own question, it appears that you have to use the
-i option in codesign...
codesign -f -s 'Jack Howarth' -i 'Jack Howarth' -vvvv /sw/bin/fsf-gdb
...produces...
/sw/bin/fsf-gdb: replacing existing signature
/sw/bin/fsf-gdb: signed Mach-O thin (i386) [Jack Howarth]
So now it is a matter of puzzling out how to give fsf-gdb enough
entitlements to access the required Mach port.
Jack
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-04-04 1:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-04-03 23:49 codesigning gdb on darwin? Jack Howarth
2010-04-04 1:46 ` Jack Howarth
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox