Sat Apr 27 10:47:12 2019: Request 129312 was acted upon. Transaction: Correspondence added by [email protected] Queue: PAR-Packer Subject: Re: [rt.cpan.org #129312] Code signing for OSX Broken in: (no value) Severity: (no value) Owner: Nobody Requestors: [email protected] Status: open Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=129312 >
Hmm, I sense a problem here. In the linked comments from Mr Schupp, he states that the PAR signature can be located in the last 128K of the binary. However, it seems that codesign, at least with the cert etc. I am using, adds about 180K to the binary and so the signature can’t be found in the last 128K. Would that account for the error I noted below? PK > On 27 Apr 2019, at 4:33 pm, Kime Philip via RT <[email protected]> > wrote: > > Sat Apr 27 10:33:53 2019: Request 129312 was acted upon. > Transaction: Correspondence added by [email protected] > Queue: PAR-Packer > Subject: Re: [rt.cpan.org #129312] Code signing for OSX > Broken in: (no value) > Severity: (no value) > Owner: Nobody > Requestors: [email protected] > Status: open > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=129312 > > > > I can get part of the way so far. I can manually fix the binary headers which > makes codesign at least run but this breaks PAR. This is expected I suppose > and we need to make some more modifications … > >> codesign -s "Code Signing Test" -v b > b: signed Mach-O thin (x86_64) [b] > >> ./b > format error: can't find EOCD signature > at /loader/HASH(0x7fcef88aa428)/Archive/Zip/Archive.pm line 723. > > Archive::Zip::Archive::_findEndOfCentralDirectory(Archive::Zip::Archive=HASH(0x7fcef88e1a88), > IO::File=GLOB(0x7fcef8d6af98)) called at > /loader/HASH(0x7fcef88aa428)/Archive/Zip/Archive.pm line 596 > > Archive::Zip::Archive::readFromFileHandle(Archive::Zip::Archive=HASH(0x7fcef88e1a88), > IO::File=GLOB(0x7fcef8d6af98), "/Users/philkime/Desktop/NB/./b") called at > -e line 373 > eval {...} called at -e line 41 > __par_pl::BEGIN() called at -e line 614 > eval {...} called at -e line 614 > : at -e line 373. > >> On 27 Apr 2019, at 2:28 pm, claudio claudio via RT >> <[email protected]> wrote: >> >> <URL: https://rt.cpan.org/Ticket/Display.html?id=129312 > >> >> Hi, you are right. It was in the mailing list [email protected] : you find it >> here: https://www.nntp.perl.org/group/perl.par/ >> PS: You are right about the urgency of the issue as it will become >> mandatary anytime soon. >> >> Welle >> >> >> >> Am Sa., 27. Apr. 2019 um 14:00 Uhr schrieb Kime Philip via RT < >> [email protected]>: >> >>> Sat Apr 27 08:00:20 2019: Request 129312 was acted upon. >>> Transaction: Correspondence added by [email protected] >>> Queue: PAR-Packer >>> Subject: Re: [rt.cpan.org #129312] Code signing for OSX >>> Broken in: (no value) >>> Severity: (no value) >>> Owner: Nobody >>> Requestors: [email protected] >>> Status: open >>> Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=129312 > >>> >>> >>> Hmm, I couldn’t see anything in the acrhive - do you have a link? I may >>> look into this as PAR::Packer .exes will become an issue on OSX in the >>> future if this isn’t solved given that codesigning will become mandatory. >>> >>> PK >>> >>>> On 25 Apr 2019, at 6:53 pm, claudio claudio via RT < >>> [email protected]> wrote: >>>> >>>> Thu Apr 25 12:53:32 2019: Request 129312 was acted upon. >>>> Transaction: Correspondence added by [email protected] >>>> Queue: PAR-Packer >>>> Subject: Re: [rt.cpan.org #129312] Code signing for OSX >>>> Broken in: (no value) >>>> Severity: (no value) >>>> Owner: Nobody >>>> Requestors: [email protected] >>>> Status: new >>>> Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=129312 > >>>> >>>> >>>> I've done a lot of research in the last few weeks on the topic (and >>> asked a >>>> similar question here, see archive to see the interesting insights that >>>> came out). The short answer is that executable created with PAR::Packer >>> can >>>> NOT be codesigned out-of-the-box on OSX (I have no problems to codesign >>> it >>>> on Windows though). I virtually met a guy that has written a small >>>> application that can modify the executable so that it can be codesigned >>> on >>>> OSX. Unfortunately, it is not open source and a fee is required. >>>> >>>> < >>> http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail >>>> >>>> Virenfrei. >>>> www.avg.com >>>> < >>> http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail >>>> >>>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>>> >>>> Am Do., 25. Apr. 2019 um 18:34 Uhr schrieb Philip Kime via RT < >>>> [email protected]>: >>>> >>>>> Thu Apr 25 12:34:17 2019: Request 129312 was acted upon. >>>>> Transaction: Ticket created by [email protected] >>>>> Queue: PAR-Packer >>>>> Subject: Code signing for OSX >>>>> Broken in: (no value) >>>>> Severity: (no value) >>>>> Owner: Nobody >>>>> Requestors: [email protected] >>>>> Status: new >>>>> Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=129312 > >>>>> >>>>> >>>>> Has anyone managed to codesign PAR::Packer executables on OSX? I believe >>>>> that in OSX 10.15, this will start to be mandatory for mainstream >>> binaries >>>>> and since I provide a binary for a major opens-source software >>> distribution >>>>> (TeXLive/MacTeX), I will need to codesign the packed binaries. >>>>> >>>>> PK >>>>> -- >>>>> Dr Philip Kime >>>>> >>> >>> -- >>> Dr Philip Kime >>> >> > > -- > Dr Philip Kime -- Dr Philip Kime
