diff options
author | Janek Bevendorff <janek@jbev.net> | 2020-03-25 02:24:27 +0300 |
---|---|---|
committer | Janek Bevendorff <janek@jbev.net> | 2020-04-09 17:22:42 +0300 |
commit | e9754efbbe2f6da03b29d42606cb5365e4cd489e (patch) | |
tree | f0cd86eda8756f550280a2e774824f80570c7237 /share | |
parent | f8c962bd253ab4d5c0ce2fe7029688057e50a778 (diff) |
Fix macOS 10.15.4 codesigning crash.
The recent macOS security patch renders our codesigning
"fix" of setting the sandbox entitlement to false twice
unusable. This patch adds a full provisioning profile
and adjusts the signing procedure to not include
entitlements for Qt frameworks.
The patch also changes the app and bundle ID, so granted
accessibility privileges have to be granted again after
installing the update.
Fixes #4398
Fixes #4515
Diffstat (limited to 'share')
-rw-r--r-- | share/macosx/Info.plist.cmake | 6 | ||||
-rw-r--r-- | share/macosx/embedded.provisionprofile | bin | 0 -> 7610 bytes | |||
-rw-r--r-- | share/macosx/keepassxc.entitlements | 37 |
3 files changed, 11 insertions, 32 deletions
diff --git a/share/macosx/Info.plist.cmake b/share/macosx/Info.plist.cmake index b38ca2844..53e489742 100644 --- a/share/macosx/Info.plist.cmake +++ b/share/macosx/Info.plist.cmake @@ -15,7 +15,7 @@ <key>CFBundleIconFile</key> <string>keepassxc.icns</string> <key>CFBundleIdentifier</key> - <string>org.keepassx.keepassxc</string> + <string>org.keepassxc.keepassxc</string> <key>CFBundleInfoDictionaryVersion</key> <string>6.0</string> <key>CFBundleName</key> @@ -25,11 +25,11 @@ <key>CFBundleShortVersionString</key> <string>${KEEPASSXC_VERSION}</string> <key>CFBundleSignature</key> - <string>KEPX</string> + <string>KPXC</string> <key>CFBundleVersion</key> <string>${KEEPASSXC_VERSION_NUM}</string> <key>NSHumanReadableCopyright</key> - <string>Copyright 2016-2018 KeePassXC Development Team</string> + <string>Copyright 2016-2020 KeePassXC Development Team</string> <key>CFBundleDocumentTypes</key> <array> <dict> diff --git a/share/macosx/embedded.provisionprofile b/share/macosx/embedded.provisionprofile Binary files differnew file mode 100644 index 000000000..6fb14fd57 --- /dev/null +++ b/share/macosx/embedded.provisionprofile diff --git a/share/macosx/keepassxc.entitlements b/share/macosx/keepassxc.entitlements index 2645a2031..7126b7ac5 100644 --- a/share/macosx/keepassxc.entitlements +++ b/share/macosx/keepassxc.entitlements @@ -1,33 +1,12 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> - <dict> - <key>com.apple.application-identifier</key> - <string>org.keepassx.keepassxc</string> - <key>com.apple.developer.aps-environment</key> - <string>production</string> - - <key>keychain-access-groups</key> - <array> - <string>org.keepassx.keepassxc</string> - </array> - - <!-- Sandbox entitlements stub for future reference. - For whatever reason, we have to set this twice. - Otherwise a signed application crashes on startup --> - <key>com.apple.security.app-sandbox</key> - <false/> - <key>com.apple.security.app-sandbox</key> - <false/> - <!--key>com.apple.security.network.client</key> - <true/> - <key>com.apple.security.files.user-selected.read-write</key> - <true/> - <key>com.apple.security.device.usb</key> - <true/> - <key>com.apple.security.print</key> - <true/> - <key>com.apple.security.files.user-selected.read-only</key> - <false/--> - </dict> +<dict> + <key>com.apple.application-identifier</key> + <string>G2S7P7J672.org.keepassxc.keepassxc</string> + <key>keychain-access-groups</key> + <array> + <string>G2S7P7J672.org.keepassxc.keepassxc</string> + </array> +</dict> </plist> |