fix: update macOS build to use Waterfox identifiers
This commit is contained in:
Alex Kontos
@@ -73,7 +73,7 @@ def mac_prod_requirements_string(identifier):
|
|||||||
f'identifier "{identifier}" and anchor apple generic and '
|
f'identifier "{identifier}" and anchor apple generic and '
|
||||||
"certificate 1[field.1.2.840.113635.100.6.2.6] and "
|
"certificate 1[field.1.2.840.113635.100.6.2.6] and "
|
||||||
"certificate leaf[field.1.2.840.113635.100.6.1.13] and "
|
"certificate leaf[field.1.2.840.113635.100.6.1.13] and "
|
||||||
'certificate leaf[subject.OU] = "43AQ936H96"'
|
'certificate leaf[subject.OU] = "PZWYM7N4GF"'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@@ -95,7 +95,7 @@ set_config("MOZ_SMAUTHORIZEDCLIENTS_REQUIREMENTS", smauthorizedclients_requireme
|
|||||||
|
|
||||||
@depends("--enable-mac-elevated-updates-with-generic-certs", when=target_is_osx)
|
@depends("--enable-mac-elevated-updates-with-generic-certs", when=target_is_osx)
|
||||||
def smprivilegedexec_requirements(enabled):
|
def smprivilegedexec_requirements(enabled):
|
||||||
updater_id = "org.mozilla.updater"
|
updater_id = "net.waterfox.updater"
|
||||||
if enabled:
|
if enabled:
|
||||||
return mac_relaxed_requirements_string(updater_id)
|
return mac_relaxed_requirements_string(updater_id)
|
||||||
else:
|
else:
|
||||||
|
|||||||
@@ -2,23 +2,23 @@
|
|||||||
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||||
<!--
|
<!--
|
||||||
Entitlements to apply to the main browser process executable during
|
Entitlements to apply to the main browser process executable during
|
||||||
codesigning of production channel builds.
|
codesigning of production channel builds for Waterfox.
|
||||||
-->
|
-->
|
||||||
<plist version="1.0">
|
<plist version="1.0">
|
||||||
<dict>
|
<dict>
|
||||||
<!-- Allow loading third party libraries to support pkcs11 modules -->
|
<!-- Allow loading third party libraries to support pkcs11 modules -->
|
||||||
<key>com.apple.security.cs.disable-library-validation</key><true/>
|
<key>com.apple.security.cs.disable-library-validation</key><true/>
|
||||||
|
|
||||||
<!-- Firefox needs to create executable pages with MAP_JIT on aarch64 -->
|
<!-- Waterfox needs to create executable pages with MAP_JIT on aarch64 -->
|
||||||
<key>com.apple.security.cs.allow-jit</key><true/>
|
<key>com.apple.security.cs.allow-jit</key><true/>
|
||||||
|
|
||||||
<!-- Firefox needs to access the microphone on sites the user allows -->
|
<!-- Waterfox needs to access the microphone on sites the user allows -->
|
||||||
<key>com.apple.security.device.audio-input</key><true/>
|
<key>com.apple.security.device.audio-input</key><true/>
|
||||||
|
|
||||||
<!-- Firefox needs to access the camera on sites the user allows -->
|
<!-- Waterfox needs to access the camera on sites the user allows -->
|
||||||
<key>com.apple.security.device.camera</key><true/>
|
<key>com.apple.security.device.camera</key><true/>
|
||||||
|
|
||||||
<!-- Firefox needs to access the location on sites the user allows -->
|
<!-- Waterfox needs to access the location on sites the user allows -->
|
||||||
<key>com.apple.security.personal-information.location</key><true/>
|
<key>com.apple.security.personal-information.location</key><true/>
|
||||||
|
|
||||||
<!-- For SmartCardServices(7) -->
|
<!-- For SmartCardServices(7) -->
|
||||||
@@ -26,7 +26,7 @@
|
|||||||
|
|
||||||
<!-- Required for com.apple.developer.web-browser.public-key-credential -->
|
<!-- Required for com.apple.developer.web-browser.public-key-credential -->
|
||||||
<key>com.apple.application-identifier</key>
|
<key>com.apple.application-identifier</key>
|
||||||
<string>43AQ936H96.org.mozilla.firefox</string>
|
<string>PZWYM7N4GF.net.waterfox.waterfox</string>
|
||||||
|
|
||||||
<!-- For platform passkey (webauthn) support -->
|
<!-- For platform passkey (webauthn) support -->
|
||||||
<key>com.apple.developer.web-browser.public-key-credential</key><true/>
|
<key>com.apple.developer.web-browser.public-key-credential</key><true/>
|
||||||
|
|||||||
@@ -1017,7 +1017,7 @@ mac-signing:
|
|||||||
- "/Contents/MacOS/crashreporter.app"
|
- "/Contents/MacOS/crashreporter.app"
|
||||||
- "/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
|
- "/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
|
||||||
- "/Contents/MacOS/updater.app"
|
- "/Contents/MacOS/updater.app"
|
||||||
- "/Contents/Library/LaunchServices/org.mozilla.updater"
|
- "/Contents/Library/LaunchServices/net.waterfox.updater"
|
||||||
- "/Contents/MacOS/XUL"
|
- "/Contents/MacOS/XUL"
|
||||||
- "/Contents/MacOS/pingsender"
|
- "/Contents/MacOS/pingsender"
|
||||||
- "/Contents/MacOS/nmhproxy"
|
- "/Contents/MacOS/nmhproxy"
|
||||||
@@ -1062,7 +1062,7 @@ mac-signing:
|
|||||||
- "/Contents/MacOS/crashreporter.app"
|
- "/Contents/MacOS/crashreporter.app"
|
||||||
- "/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
|
- "/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
|
||||||
- "/Contents/MacOS/updater.app"
|
- "/Contents/MacOS/updater.app"
|
||||||
- "/Contents/Library/LaunchServices/org.mozilla.updater"
|
- "/Contents/Library/LaunchServices/net.waterfox.updater"
|
||||||
- "/Contents/MacOS/pingsender"
|
- "/Contents/MacOS/pingsender"
|
||||||
- "/Contents/MacOS/nmhproxy"
|
- "/Contents/MacOS/nmhproxy"
|
||||||
- "/Contents/Frameworks/ChannelPrefs.framework"
|
- "/Contents/Frameworks/ChannelPrefs.framework"
|
||||||
|
|||||||
@@ -61,7 +61,7 @@ void SetupMacCommandLine(int& argc, char**& argv, bool forRestart) {
|
|||||||
// Essentially, we are using the updater as a relauncher process.
|
// Essentially, we are using the updater as a relauncher process.
|
||||||
NSString* updaterPath = [[path stringByDeletingLastPathComponent]
|
NSString* updaterPath = [[path stringByDeletingLastPathComponent]
|
||||||
stringByAppendingPathComponent:
|
stringByAppendingPathComponent:
|
||||||
@"updater.app/Contents/MacOS/org.mozilla.updater"];
|
@"updater.app/Contents/MacOS/net.waterfox.updater"];
|
||||||
AddToCommandLine(updaterPath.UTF8String);
|
AddToCommandLine(updaterPath.UTF8String);
|
||||||
AddToCommandLine("--openAppBundle");
|
AddToCommandLine("--openAppBundle");
|
||||||
}
|
}
|
||||||
@@ -76,7 +76,7 @@ void SetupMacCommandLine(int& argc, char**& argv, bool forRestart) {
|
|||||||
// versions of macOS and we may be able to switch to the NSWorkspace API once
|
// versions of macOS and we may be able to switch to the NSWorkspace API once
|
||||||
// we no longer support the older versions of macOS where these errors occur.
|
// we no longer support the older versions of macOS where these errors occur.
|
||||||
// See bug 1911178.
|
// See bug 1911178.
|
||||||
if (![path hasSuffix:@"org.mozilla.updater"] && ![path hasSuffix:@".app"]) {
|
if (![path hasSuffix:@"net.waterfox.updater"] && ![path hasSuffix:@".app"]) {
|
||||||
// Ensure that the path in the first argument points to the .app bundle.
|
// Ensure that the path in the first argument points to the .app bundle.
|
||||||
// This strips three last path components, for example:
|
// This strips three last path components, for example:
|
||||||
//
|
//
|
||||||
@@ -85,7 +85,7 @@ void SetupMacCommandLine(int& argc, char**& argv, bool forRestart) {
|
|||||||
path = [[[path stringByDeletingLastPathComponent]
|
path = [[[path stringByDeletingLastPathComponent]
|
||||||
stringByDeletingLastPathComponent] stringByDeletingLastPathComponent];
|
stringByDeletingLastPathComponent] stringByDeletingLastPathComponent];
|
||||||
}
|
}
|
||||||
if (![path hasSuffix:@"org.mozilla.updater"] && ![path hasSuffix:@".app"]) {
|
if (![path hasSuffix:@"net.waterfox.updater"] && ![path hasSuffix:@".app"]) {
|
||||||
// We were unable to obtain the path to the .app bundle and are unable to
|
// We were unable to obtain the path to the .app bundle and are unable to
|
||||||
// build a valid command line.
|
// build a valid command line.
|
||||||
return;
|
return;
|
||||||
|
|||||||
@@ -37,7 +37,7 @@ from mozbuild.base import MachCommandConditions as conditions
|
|||||||
"Release channel entitlements, but the configuration used will be the "
|
"Release channel entitlements, but the configuration used will be the "
|
||||||
"Release configuration as defined in the repo working directory, not the "
|
"Release configuration as defined in the repo working directory, not the "
|
||||||
"configuration from the revision of the earlier 120 build.",
|
"configuration from the revision of the earlier 120 build.",
|
||||||
conditions=[conditions.is_firefox],
|
# conditions=[conditions.is_firefox],
|
||||||
)
|
)
|
||||||
@CommandArgument(
|
@CommandArgument(
|
||||||
"-v",
|
"-v",
|
||||||
@@ -378,10 +378,10 @@ def auto_detect_channel(ctx, app):
|
|||||||
# The bundle IDs for different channels. We use these strings to
|
# The bundle IDs for different channels. We use these strings to
|
||||||
# auto-detect the channel being signed. Different channels use
|
# auto-detect the channel being signed. Different channels use
|
||||||
# different entitlement files.
|
# different entitlement files.
|
||||||
NIGHTLY_BUNDLEID = "org.mozilla.nightly"
|
NIGHTLY_BUNDLEID = "net.mozilla.nightly"
|
||||||
DEVEDITION_BUNDLEID = "org.mozilla.firefoxdeveloperedition"
|
DEVEDITION_BUNDLEID = "org.mozilla.firefoxdeveloperedition"
|
||||||
# BETA uses the same bundle ID as Release
|
# BETA uses the same bundle ID as Release
|
||||||
RELEASE_BUNDLEID = "org.mozilla.firefox"
|
RELEASE_BUNDLEID = "net.waterfox.waterfox"
|
||||||
|
|
||||||
info_plist = os.path.join(app, "Contents/Info.plist")
|
info_plist = os.path.join(app, "Contents/Info.plist")
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user