Code signing issues with macports-gcc48 compiled binaries

Sun, 30 Jun 2013 11:26:35 -0700 

Hello.

I have troubles to codesign a binary compiled with gcc-mp-48

Previously I was using XCode's gcc (4.2.1) and everything was ok.

a.cpp:
int main() { return 1; }

Compiled with gcc 4.2.1:

    > /usr/bin/gcc a.cpp
    > security unlock-keychain ~/my.keychain
   password to unlock /Users/me/my.keychain: ********
    > codesign -f -s "identity" --keychain ~/my.keychain a.out
    > codesign -v -v a.out
   a.out: valid on disk
   a.out: satisfies its Designated Requirement
   (success)

Compiled with gcc 4.8 (macports)

    > /opt/local/bin/gcc-mp-4.8 a.cpp
    > security unlock-keychain ~/my.keychain
   password to unlock /Users/me/my.keychain: ********
    > codesign -f -s "identity" --keychain ~/my.keychain a.out
   codesign_allocate: object: /Users/me/a.out malformed object (unknown
   load command 9)
   a.out: object file format invalid or unsuitable
   (failure)

I then found out there was a codesign_allocate in macports bin, so I tried:

    > export CODESIGN_ALLOCATE=/opt/local/bin/codesign_allocate
    > security unlock-keychain ~/my.keychain
   password to unlock /Users/me/my.keychain: ********
    > codesign -f -s "identity" --keychain ~/my.keychain a.out
   a.out: code object is not signed
Uh? When I specify macports codesign_allocate, codesign doesn't even try to sign, it just verifies the (unavailable) signature of my binary.
However, detached signature works, with or without macports codesign_allocate: 

    > codesign -f -s "identity" --keychain ~/my.keychain a.out
   --detached a.out.signature
    > codesign -v -v a.out --detached a.out.signature
   a.out: valid on disk
   a.out: satisfies its Designated Requirement
So codesign and codesign_allocate works with gcc48-compiled binaries, but for some reason fails to understand that it should embed the signature in the binary.
Anybody have a clue about that? Or maybe a way to embed the signature after it has been created detached?
Note: My personal Mac/OSX knowledge is basic to medium, and I need to use only command-line tools to create working, ideally signed, binaries. The build process is highly automated on several platforms. 

Regards
NH

_______________________________________________
macports-users mailing list
[email protected]
https://lists.macosforge.org/mailman/listinfo/macports-users

Reply via email to