On 4/23/2009 8:19 PM, Yuhui H wrote: >> The fastest workaround is to hand-edit your spec file and add >> "append_pkg=False" as keyword argument in the call to the EXE() function. >> >> This will create a different layout. Instead of having a single >> executable with the big archive of data appended to it, you will have a >> small executable (eg: foobar.exe) and a package on the side >> (foobar.pkg). This would make signing work. > > Do note however, that this also defeats the purpose of "signing". Now > your are only certifying the stub, and your application logic can be > easily changed without invalidating the signature on the stub.
That's completely true! Anyway, I've fixed the actual problem in commit [647]. Moreover: the executable was looking for the external .pkg file as first option; this also defeats the purpose of the digital signature, so I inverted the order (it now checks first for the embedded archive, and falls back to look for an external package). Krzysztof, please update to the latest version of SVN trunk (notice that the repository is changed, so you might need a fresh checkout!) and everything should work correctly even without the append_pkg workaround. Let me know if it works for you. -- Giovanni Bajo Develer S.r.l. http://www.develer.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "PyInstaller" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/PyInstaller?hl=en -~----------~----~----~----~------~----~------~--~---
