From 0bb00baacfc54c67f17f372f933c8d261d95d5c5 Mon Sep 17 00:00:00 2001 From: Jason Rhinelander Date: Tue, 27 Jul 2021 15:43:48 -0300 Subject: [PATCH] Various cmake build cleanups/refactors - Added contrib/macos/README.txt with description of the cancer happening here. - Add provisioningprofiles that Apple wants to make things work properly - Made the entitlements files match the provisioningprofiles - Remove configured entitlements files; we *can't* change any of the things here because they are closedly tied to the provisioningprofiles -- which means if someone wants to build their own Lokinet, they have to replace a bunch of crap and change application IDs throughout. This is the hostile-to-open-source Apple way. - Remove unused old lokinet binary, as we're no longer using it on macos - Use a POST_BUILD rather than install to copy things around into the right places - Convert all the configure_file's to consistently use @ONLY - Misc cleanups --- contrib/mac.sh | 4 +- contrib/macos/LokinetExtension.Info.plist.in | 2 +- contrib/macos/README.txt | 23 +++++++ .../lokinet-extension.entitlements.plist | 32 ++++++++++ .../lokinet-extension.entitlements.plist.in | 25 -------- .../macos/lokinet-extension.provisionprofile | Bin 0 -> 13123 bytes contrib/macos/lokinet.entitlements.plist | 32 ++++++++++ contrib/macos/lokinet.entitlements.plist.in | 24 -------- contrib/macos/lokinet.provisionprofile | Bin 0 -> 13010 bytes contrib/macos/sign.sh.in | 10 ++- daemon/CMakeLists.txt | 57 +++++++++--------- llarp/CMakeLists.txt | 18 +++--- 12 files changed, 136 insertions(+), 91 deletions(-) create mode 100644 contrib/macos/README.txt create mode 100644 contrib/macos/lokinet-extension.entitlements.plist delete mode 100644 contrib/macos/lokinet-extension.entitlements.plist.in create mode 100644 contrib/macos/lokinet-extension.provisionprofile create mode 100644 contrib/macos/lokinet.entitlements.plist delete mode 100644 contrib/macos/lokinet.entitlements.plist.in create mode 100644 contrib/macos/lokinet.provisionprofile diff --git a/contrib/mac.sh b/contrib/mac.sh index 62e14802e..bfbaf712b 100755 --- a/contrib/mac.sh +++ b/contrib/mac.sh @@ -22,7 +22,7 @@ cmake \ -DFORCE_OXENMQ_SUBMODULE=ON \ -DSUBMODULE_CHECK=OFF \ -DWITH_LTO=OFF \ - -DCMAKE_INSTALL_PREFIX=$(pwd) \ -DCMAKE_BUILD_TYPE=Release \ - $@ .. + "$@" \ + .. ninja install && ninja sign diff --git a/contrib/macos/LokinetExtension.Info.plist.in b/contrib/macos/LokinetExtension.Info.plist.in index 7f6ecadbb..30dc5f8ea 100644 --- a/contrib/macos/LokinetExtension.Info.plist.in +++ b/contrib/macos/LokinetExtension.Info.plist.in @@ -21,7 +21,7 @@ lokinet CFBundleVersion - ${LOKINET_VERSION} + @LOKINET_VERSION@ ITSAppUsesNonExemptEncryption diff --git a/contrib/macos/README.txt b/contrib/macos/README.txt new file mode 100644 index 000000000..f79fd33d0 --- /dev/null +++ b/contrib/macos/README.txt @@ -0,0 +1,23 @@ +This directory contains the magical incantations and random voodoo symbols needed to coax an Apple +build. There's no reason builds have to be this stupid, except that Apple wants to funnel everyone +into the no-CI, no-help, undocumented, non-toy-apps-need-not-apply modern Apple culture. + +This is disgusting. + + + + +These two files, in particular, are the very worst manifestations of this Apple cancer: they are +required for proper permissions to run on macOS, are undocumented, and can only be regenerated +through the entirely closed source Apple Developer backend: + + lokinet.provisionprofile + lokinet-extension.provisionprofile + +This is actively hostile to open source development, but that is nothing new for Apple. + +If you are reading this to try to build Lokinet for yourself for an Apple operating system and +simultaneously care about open source, privacy, or freedom then you, my friend, are a walking +contradiction: you are trying to get Lokinet to work on a platform that actively despises open +source, privacy, and freedom. Even Windows is a better choice in all of these categories than +Apple. diff --git a/contrib/macos/lokinet-extension.entitlements.plist b/contrib/macos/lokinet-extension.entitlements.plist new file mode 100644 index 000000000..e5dd7cbfc --- /dev/null +++ b/contrib/macos/lokinet-extension.entitlements.plist @@ -0,0 +1,32 @@ + + + + + + com.apple.developer.networking.networkextension + + packet-tunnel-provider-systemextension + app-proxy-provider-systemextension + content-filter-provider-systemextension + dns-proxy-systemextension + dns-settings + + + com.apple.developer.networking.vpn.api + + allow-vpn + + + com.apple.application-identifier + SUQ8J2PCT7.com.loki-project.lokinet.network-extension + + keychain-access-groups + + SUQ8J2PCT7.* + + + com.apple.developer.team-identifier + SUQ8J2PCT7 + + + diff --git a/contrib/macos/lokinet-extension.entitlements.plist.in b/contrib/macos/lokinet-extension.entitlements.plist.in deleted file mode 100644 index 6f8dfb41b..000000000 --- a/contrib/macos/lokinet-extension.entitlements.plist.in +++ /dev/null @@ -1,25 +0,0 @@ - - - - - com.apple.developer.networking.networkextension - - packet-tunnel-provider - - - com.apple.security.network.client - - - diff --git a/contrib/macos/lokinet-extension.provisionprofile b/contrib/macos/lokinet-extension.provisionprofile new file mode 100644 index 0000000000000000000000000000000000000000..331f788e2cc8ab11a662c0a0ca6b780442097d15 GIT binary patch literal 13123 zcmdUWcbFU1)xNcExGrF9W56J61HtRHMxze4VVb0oG?HedQG*ahqtU30%BqbdNU+xd z6WhV`K^2aYve)~LnRx@+w-gECg z=RNN^=L#7#9XDm#(lgv=?4G5Y+H>Wg2|)%;%X)M=;|yfll*xUwC-xjPc>*%HXvJtV z-Iarj`X>!8I(o%%&4QwDNR?`~R9v~pxExuemx^L3l`YCE7x7_dzkShhtER6woD2}* zc#zVUm29=95AwK=CiIK?4F;@SRwRRg43qkxj}C?P(1*c5`4{OIWootZF$ROGs>=nf z)pD^^&>B_^!AhwtRcb9Cbk+|qEKk)^i(r^;@8iUQyQ!>LTQz;!ioDcX1;f##Unoc` z4B92!t=1|a>?&U=pDju?yazXl&mP!;1QjYinVMyD^-FO zDV=SO^eI#-!r0D3JZtx$K_YA$+nZsenI;NRkvg4{LTyyI6kM!A5!Bd^*!odh*l0Nh zu^xjO6DtgzM?*3N6`__cRSMq_U}SoMQ0&`>rmHd7GKmq2f-I#*I!OykRWb~(94R#< zMO$_PRvsn|OCVK8+73@;+6s_MSjEt^vq};K?#arSO5>PJ(_&t9O7cWgXg{f+ub4AcZwAm0{krquU6ixXRvB;GZ1tk}capfdx zmf2VY5nPUz5aTRND6V?2I2mDCABh`r(T!IVA)HLaJctlYl;fxq{yXY4}FPL869OgIvu z%%PlzWsR)KJ9ciW>gA0QEjIzT;THt7f?ZiI?(uf7;?Sp={cN`2#VcoXpoFQao*9i>8t@ ziMiPp)$YTMF@a}Tv=Wz8xfOET0s?7I6E-^DaxiKv;!&J7BGac*Ldl#WJPKpYkd|gR zL0jcO*;Xg{xX30Pr9R3}H$2UJ!%@#h>IsLj*))mn zm}rWIa|mxPCc`$=Y7InlVpcZf#ReDPSi4Gk_`gLLO^G zf@DfEIEn$6P__8NDb?i_eTf!H8&P8<(eNm?s1%j?l+~W8Gzlas2QV8KaF{FBmVxBm zQ6(<>TZrf^RI3E0QWz!# z2rR>>vP=gVOx1KWMX3~SP+5Y(Fx9QXo^ePH$7R)7!uUutT`N@$V%n3S(U}&v{#M89`bI`Ps&eXEzn~Zq1htKJMlJ#XR=%=<>u5t*4{{>{=VXDktNNob-nP1Ilr*N3i8aGK+(~D{a~}4ht08<+0E%XI%>6Y8>nx{%1s!- zpsh0(2YX4u^Ek@ONi;5l{VTMaD z*Y@Qw6qn@+E>ljN6$y-s4+w4!5y?`+XG)n;t?}y)^BU84B$JA9rKHJIPPy|929J02 z!ozm-f?=@I=$-<4F*wqBPReW)$2qe*ofRy2Dq%n~Y_ZCC<5bh%D*Kdd4hwYlk+tJk z+75=z5V*OcW8N-?r*a7_j?*m5k(eEHhq5qXtO#86W;mr$hyGmvm7p+b$p>TEm_Z%Bv`X|yo2V2$%a z4O96tA(x_dztAAkK078F3ejRH8+Y*rwl5RnnFjA-4JHHaO*m>HhJn?0C5ov`-+t$w0Bt%#tBz z%MiBWauzKCh*;yESX+r!q7li=q}(+`w6FtKDOSm(IW$Xil~$$Cl5KE&#Z^?z)wq(b zSJQ~!o3SzxVs${T_XB>`%Zy?|9OEwCA6!p|%CAruLWeu@Ly@J;TBj)uE zM3W*C^)uES?N7FR2pM!(sc=R$SmLTBMah1QS=pfug67tT3CIwOASte&(#V^X>Ia6E z&MM=GNXM%O*m0g)BuX?LU~&XOX3c>7RFiCDeq2`MOkTzlEJIR?v2Fuc1t_q;m56rP0;gFgr+Ix!^|xsg69!M8qnptjCXrZ%hjz7a!C6bN z|GE-M;lU6yfkfbkU=-@LcE_`p>~ zA`uUVsrfkS&oE)y?9Z{aM2Ff$T*+TyqSqr87^u;fPGen5nP1(EsgOe zLBB;-jk2odIcmOwQx#oJW$6D18}&t%d_wC37-}L$Gycdpb_gCzdso}1d`*PC77CGE zim+6ZXsxWRg|A>yQtlM6*=j8j%YY}bbnJ(r-64{2Xx_Qr^>93RuTe%l`kvO0SRYwe zG-6JHj&|%rW3jSY5W#~AD2x^3j7b2T2tRuc)ArQL0pv3yG#rrX93>jY6l zA=PF`p79i5ywHd@%>xD~NtZ)~Js7hVnm$=j(Ph@wu*_gphKM?=(9YzGCDddNYm$Wj z+t(Q86OSS_ZJl6lTI8aL5M_*K;#i5q6O}|v$q6oJIhi$Pz*ZE|#MBZdPa_q>+YAQy z;T*3Q-T?wYR|S^kAvIlW2^a}jOJK5GYo=Q?QjPeOFy;j|F_6jU0zsAqeuftruBy7a zjGiQM&v29!N}>(~A}pLH5SeQ;O-~NXccYRj+-nEIEeU}(wxNl0S$6Mwm(Z)R8XYnwmM8b?a z4*War)|gK_hk(zEJH2L#!U&p-%NSJ%;Rf_yb}}<(;*B zz#_mq#Z+E0IsyTIz~-hx#|9hP9Z{#ul+%3BM+&E0wi=7tYuo_VF1fH^u~eZ; zU;~5&cnDTNM=}nKYO447fFBU%J!MxDVp*Mc^bG!fG@nw*O;U1&zDp z=vL>`rn^~%He?xc6c~S(Nk?;dYm7W#zav?Wa2JCSEpq`_oNA3^NWeDyab**I)x4ap`;1Y{Aesx6 zii;N;zPjC3##{)-`Kh$CRHz7q=nX}^7AfvZA`W|WAb>mC1nwZQpk}9Tj_F1zVZg%< zpR;$O9I%QwgA16`S658~&NySv3T1jAVX9aiR;xj1wL%q!ijRqqC>$qCY5*dRF%g-H z#m7Wss3Rwuuo3^-@zvdXD$_D{BjlKdQ5-~zzlV~&bxXDx9BYLxPwvsuU;qxKF<7y|ZL06Wu0oxxC!h5%6 zz_76q89}jZCmP$+#uI=D35-^qY^$8B3Js;8RLT}ZD&}X&XtY)5Yn!g7#9YmrTF+F;4Fy>+jc$p>Qz8!v=ISk{3y3RpIu zc1Hrmm{<$=T;6iBuPGPBP~H&n1W9|V0vQ3Bacg#78TEC+n4A&wXd?`mH{RF%H`@ws z20pK43t8}g@V`wPAxhTn0k`M1>n0P9xBS5I!#QezA>@uv1Dwi4j46tTtY3$J#Wap? z(fFG@5(k9vunKjLJW=Uld}VFxV>Kiz0V2YBEl{0u1f)!H34>JaDV5 z%YpjyI7_Kg8@G%ZivXRkk**rQ_ly-}vD{n(GFOm^inJ3^RtEl_OTu?8o=v**aspD9 zv?~Fe+drIjDr+2BEI?cY*{Ni!n;nKMlBN&&RMd|QWvc*lXvmItv)NkQpvAW$d?3R# zjvH9oOfV_cW3fIa)hOqzCKKyQ4v2wjSyjpIoP%9%02U@o7=zhI;&{m3F%)DRwJgqf z+@Q%2a08B|GgvSXOt)*2J(Knja*P7yRC6hB0PS-Ts)<9rjxtwupmZ@FYhqbUsY$pk zl(PyxydsgMGHVj+Vv%Sz;>EV3o-2tSYdTTwlN|ZBi@;JMV1hdgx{5Pyvnu9B{T$fJ z2>;_v3S`+L;LjC^y(2})z716ZfbW70{y*osDov9{Gad8zD+tofc*W@ijYWA9$7smB zLc(0iLmGE%RU}UWXC7JWPR=BZi6c6vA~?bFO|rSy+{D1Rc44*&tCWP~iHnF5t`O!_ zFxWT9?qVfY%L;bwT+8e+#OVIQm>!&@vN%DyVnoPS5AuX)GkbHDyvJ)wWf4OukY(Gn z(sU#$1sCZUh*8lt9vU|`Yj1L4oa|;FVI0W%k}TjjX6}yLy@t4j#$-~<9cl3j*p!NZ zzR@^nog0_=3MoU@v6EXG{~Q91@whK@ZieCs8m}doWYkqHSCg@{P-&$QR7%oPy=4pd z0(74tSGL)tR?(kh>{yn<431F30K7d+roGt~moC_HX>%xCR%z*Nvq48gbxFt&=A~MHtzIljN`JXhYGhMVrN7#$)I7 zXtw^%_ry{W%A>V@$Pw0HtbcFNRIxfV=)WYR*1Rg!YOpY{sH3wONndKK`Y$hSqg;fQ z&kh$Z_qw8jqLkErX!&mqr`4#33d8-d14EVJ(Se2}AFTyz_3Y&e)Sb1}$VpFESD)>Woq=&^@uJ353R>lYI(Jr*4w*EUFp;{^)Jt|z+ zD1(~mXl<*QqCmMj3rjk@eJg5}`e-dY3=1$?{2ysEVw}U~HM-Vg#~Mz%cSqIw+S_zE zp(slraVf12hU0o)m>k=Oh6mwnK?;|A*~Vy^J_}|kOO;iSu|!rFhOdUuiRWqPql+ZN z5{jZ=MD12{e;T!;{brMh^xN$YsXvL@MLX(1Q%0k4&v7H&;~pbj4G#kihrdoA-s}~I z&Y6r=R}RiziVRL#gbYrce&xg-T~E(Gy4SWn;wW6XFEVT7V2N%roHR*x4xUWpCrz2t z!-tG>ko~5>#q>GT;p_%%9$gfd8;?YmXg6ofS=hZfdL{w3Pmk4WnNlTNYZ>Pu2Wagk z&Y9J1$CXMoJ%J&I&Yxv8At+))jb^*qmY6>a9eataxp417%p5DkGGu8-h?$GKokvR* zC8dJt>qpK?=s5|FW@sv9BoVwL%FJW`h1U9SnGiClTQqjPbdx7c9Mtu~@f_XsoZ%@cH;BfqD9%Vx?#O$-I}6()60Ex{ihu9a^eC1 z+J}Dp!g<>d8o2Z1OD{9|`Oo){%{=3td9xmRQ>A_!bZ_nJ-*x`!JKuifvd1!8Zr%KM z`3L2#J#nv!pX0dq)2Da(K6vn0_r`1AJp8*~=5qI4H_vkN3vd1WW9QLNy#4ToKeZmr z3G&=u{N>9xGux8iD?WSi?>;zK{OVlkrk;tq3A)W|u0_^tMi#<)FPuGT-lPN0JZk>5 z8}2&rH`khWYgxgvz}S#y5qz1)^Dy| za?QgRRn{H5>K1Cox#4@!`_4Wvl%MY3_pTiagUaEnr~k+w-IzaN#mZ~Hd~Nrv#S3S6 zj$C)#)^pDFU9({S1%>FR?by0gGV6DpvC;GH8}tD;ZuuQQ;f9;<^CCCzyz;hfN3VWs zn)>Gb=Bss2p7z@}roVOUJ@>u0HF?3ulSORs>E2@(`YyQU)tf$l;(|W~b}@fE^5Qjr z+V=S!N57zJr*|&j_}9bNKl)j7=bD=zc=7DZZut4fw|r?o=t3DegxzxDdjsnS?@)SY z&OHoJ;yyr$&0Unx_3W`m|0#GttcV%406ZWjE5L)v0%+kFy8MsG@XsuL*Eu&#JM5fS z4|N6Ko&5eutsnNkYrQ(^x!u ziTUoV4^x)KbG>up3vWMv_g^o){Mq2vhhjl_(>{0TcR%&BW%^S2uH$sb#=D7UdoNr0 zaUcDigC76tnLF>Dz2l@qe)H7IJCFJKC%v;LoIB&T!{;rpZC^3#)#SXJHV>TZ3h@u! zV!&?y?2A8?pMGnzkNUx3zI^aP>_?B(k~8*Qi>))QUvnE0doM8w-I%$3)56!J>euo~ z(l+|##ucUmq^s2PpXl#e`k<~2*w@&@)TVsXxJSWYucrM^ZGTXwxuJ#nNrSq5V8luA znK0zH#MERRvgRZ32K)3)0T(v4M>p?K4H>H6IK3!nE=&{*$eM>o8uuV;?mB4A?cgc0 zLQ$0T;J|8`Y*jCgp0m>@TY90`(w7A|^r#oA)p|jy>NU<+u65r@!#k4pDeAQ`fQKf* zS61O^N~omtK++5FLNTQW=AO!SJdz%mMZGF58#hq71n+8tLCcZxHJ@6p2x1Kwk=Cac zS3rcbd=Jy?z}Jb^i+%mgyWih<$!|YaFZrnPf{FwlI_&hdryqRrN|)`U8!kEitYt6V zcJ}@+-~UPVl0UzY>V2veFu#2Ds?VEW=O3T?-uE4AH-z*r+8?>?fu9DZ=fCdzd;Ge| z(@vd#d}O~vYcJltVezr9&D%>$-gx)uC?I<9A$l@x3Vi#mn0VF8{$*+}#KN z@;rRW{!4$|yYMdN(v!r;y{qR3Z(P6qm0f>-ZrW7at@Zlh$lzoQAnfQNl2bqNguk^n zZ@+cyQq2J1|F0z&8Z)vYzzGoq4xyR8!HhUKZo3RDVba8zM=*k@4}|nF{Rnf`STOz>VWh+Sy|0q(kw*l>RZP`Tg7#(e-ak4=nAL+9d_Khi{73w zSgrBedTj~0>1FHuvyrb&-i%~O$W$8C|SD$`| zeSSyQvG149sPEjl^w;ZJsJP|%w?o{5UC*4o>*eg%mWdNmw@&;^DSF87uOL?6b;`8V zva26GM0dvGAwp6TtK~6_M7u;x{g4u?AdWG-=&Ya4ncKUj zS9Y{M(_Qxd)pPKByk%sjhI1WW)PqbIM~e1JqXu<{3O^Z z&N95t0Pjcd^=$emVoJhr2r}L?Op7-(!xrrLiAVf(+pnIyJrKEequ+EUIpa6F^Rek0Zh7gfS8p2J^zpC%*I@lCec;xs zKKOJ|<#gQx?!db*UUJcAy}HLY??31AnUC(japjh6XRbbf(-GcVW9Lkpy5>%G#ED)SUYxPTf6JPOo;q{M)a_f(jb+H(M;m+9Efd$hap70l z-53AQZC`vseDMHY<+t3MKlF|_UkvRu?RUUAo6erx>Q}G(C?x#Zwe8ZU1E1|M{hrNS zb(E>^lvDe!&753c^7{GT_4yyk?DL0gEO75fn;jQ!d*;>0Z+_vGAMZOS`kN0=eQU?m zc@OShaJ=}aY`A*Ci^jp88oL=A09dNSA25z&U<585dP@4G@#yDnIuBcWM{d(}CVa^wN0iT8hS%jL!T!;zal$z1=3I~TQ2K5FgL z2fJP0Tle*h9m~#NzbsVMDf9O~*=+gfjk)LTdhezE9!suKewljbcRxMd{rj^%Jq^j* z9{sJ$`{gq)m47<1{nA0}j>y^WximKAN8exc?(z3;`>xX5@b*!6zp~)`ou@2puD)W1 z_`>yv#=rdPxuw6Zd+uI+_Itsp2k*M|sw&Y!lpnlk*8c%! Co`9AB literal 0 HcmV?d00001 diff --git a/contrib/macos/lokinet.entitlements.plist b/contrib/macos/lokinet.entitlements.plist new file mode 100644 index 000000000..83675e789 --- /dev/null +++ b/contrib/macos/lokinet.entitlements.plist @@ -0,0 +1,32 @@ + + + + + + com.apple.developer.networking.networkextension + + packet-tunnel-provider-systemextension + app-proxy-provider-systemextension + content-filter-provider-systemextension + dns-proxy-systemextension + dns-settings + + + com.apple.developer.networking.vpn.api + + allow-vpn + + + com.apple.application-identifier + SUQ8J2PCT7.com.loki-project.lokinet + + keychain-access-groups + + SUQ8J2PCT7.* + + + com.apple.developer.team-identifier + SUQ8J2PCT7 + + + diff --git a/contrib/macos/lokinet.entitlements.plist.in b/contrib/macos/lokinet.entitlements.plist.in deleted file mode 100644 index 66bbbb80c..000000000 --- a/contrib/macos/lokinet.entitlements.plist.in +++ /dev/null @@ -1,24 +0,0 @@ - - - - - com.apple.developer.networking.networkextension - - packet-tunnel-provider - - - com.apple.security.network.client - - - diff --git a/contrib/macos/lokinet.provisionprofile b/contrib/macos/lokinet.provisionprofile new file mode 100644 index 0000000000000000000000000000000000000000..b6528e4535cfca157c7c48f09aa34b5be7996d78 GIT binary patch literal 13010 zcmdUWd6?VO)ptBe$esa0LPANIEI`R*Vp+DwHY5RUwq;wg<=ut?vSiD$Wy|ADwxN(r zUPv246DXvmECoVB+4m(OZz(TOwht&!^`;P2c1GMnR*Qeh+&ph_M zy1Mt=bIk8c!|o_e}mk=5d=#ikX=;+}L-P(`^Yty&xjJNxX5k6%4~ z zqo!#qczx6gK`rP5E5<-sEv3uVrVl3TgBMnaRdF#a)0ur7InXQ0LUr}@X)E*T=4x1u zCRx6aUTM^u&|9gNf!NhPH7^&_)s@Df_UL#;7WgV`j~3I#s+^J2vwP405w?w;%{VelUzjMT+mn)fb(9nl8mmzRHT5C3KGYUAnUA#~$D)?xN@M%c z5KRGvuV&P8;Y$RJY{nmofBn*QB@PFaX80m6rNxm+GQ3hr8;AKsrt4`%XEFhNhD`$t z(v^|1!&{lQ66oSrGc@h2kOYByWC_z~9Fu5T$P3Q2JrB|v# zu|@F=F1ZM)5b~&nuw8ECVXq9Ku+d03>tz(2jFLiw%i$OHr8XlJ8(~{iiorX3gMEj-Zcc`)Xav{hsf*G)cr;89Scu;L{BSrwQj(|u z24{|ODgobd%LbU;EoICSU877EX7pV zhW7XSV>v;VjCr9R^anY+MtT!+rPxUJR|4cfI#~!ht2w(rm(CaRSUnmb#kA2;^t~vjzPQOS!*kBqQ#al91RYA~@B& zBUjI>vc*^E5~y+ymbnJ>hMVl>0Vr5YL@U?Rp!g}^il!+1Y|Wf@J9=m3Lh zx{QjHM&U+{BNz)cmr&opa+$m`Ar4Eqz?lVSTwZ9||> z*FBSfMk-&T#SL`2l$=gO=e=kXbhj{~!!i!K>&!u)z9)S>BpEX)sba9@%V8)kNo8E3 zoH!>CSTHfbyMu^8s&$`PG>gsge20CFnLC;l<3TlL_LM|-zRuu@wp@6)wp=g_rjDK| zST6=g+RsUei{W_C;?Bst6&I66G|Lq$j5k3w*k;M6$T`g4K1a@uV;MUrHbdZ+wv2f@ zHeAdlu>?+YT#&@?Hi11ZRi_SL(Zl#+>c8#s)7;e zPk7=jC033_(-uZ_R}sO=4fLnuYEcaUFdN5LU6*WsGp=4^648nS|{Y=zU zPNj+^UPuWV8R(5L4oA{AkZ<*->ID`>J=M4>73(3{7_ZmLc#StCe$@ zs_8?>fTN!ZXEmcWp;<*rVlie_8#?g1TOS4>Lnwlzf_;<@)zV@g;HiwPi~}NVukNSD zd2WGFY1)tF2!hO5!17ZKvW2m@q)6GkgeN(M!a$PSUcnC1H>CA&`fiK|PhqQoW$>Gs z1Wi_27zm3P1C49xUYe4q26$$MaN-s4_63k?IO+(4A&zj2#6l!iitwN{QI~_^<4J{* zIFtern#8P;WXxF&f%ODA)Dey% zj=rH&bY`lyXHW z*b@SXM+OU_?=6y!;|gq<3Pn9mKnt2z(^4JuGmNgR9^hZCW4WTuh})w8T^8^*`y&|5 z2QF!dpZO7ff+uRRbH_r$}y_y&Y1&MS#Fh!^`ggPGTS)XUP#q=%o(D&G=BZo(hdv{QT%X=~}7~MMM;kuRgwMg?EBx(2;U7o&|4WZR-$2 zyV4|))Dkfk`njs;j_U7Kd~uKqbFu{I+w{d*t6&DXi$yIWoVS32TuYj)@2fK|YyAe} zi@JBz-xmoJc)A97PP(d}w~hwd-^~hmx@dJQeI%~rQ$?mdF73`&g|8ZeH9BKZ*slxr zYGyQ+(+aR&)mH#rhBNXN#-ip?UVvT~eZ{1fl7WY=yhdo6CjmO0G7D9)h}XbVG4wy- zG0>Y$g-kl1M)crII!Q>3vrtviF;-2)l$tNrMjI`mX)40Gnglnak&?!YKYz;r*iAa1 zqoKTx;@ln;yeh`g1VNacMmiU2L~7BF#|EUtSRCMWNya5KTrDg)94%1!&i-j9*c3A- zaR?>(Lb#i0Q3ZzJ+K~(FSsadPxN&F!&RNFsF^Hi-wXk4kZj~X1=cbfeqG@RmEzHw- zmIz}?6rv^z*gXniNUjBZv@qek#wsfGG1mS1wB(p*10uW7Fg+27U_=5Zxe!*RDWUc6 zh~UH=#^I7Mkj>}(0geWM94Sj2htU!%V^}EBAF?|*w>NJ~GP0mjVK<9#O2+L}5o^PY zb1{^&DJ3Z~AfiEA9I;psTSW-^qDDus7i9__v6(JVF~qKg8%`bzm=ZCpsW>=$CCrI# z${gnvYdW54IR#s&CZ?O14fQDzG}@mmk)#*(z**Hb(mC!a&Gd5c_-U z=~^AFRPqBYEYL<~L8gPu!WfBhZX<(PI>@dQ5kNEz`^;fpK$b)M<^Y$mDh3LO<-kSv z7V!q2Oar(@Tx_vwGX^W9gu6nvT&9vw1RI>uVJ!|YDxWO3Dl}>Gv`l$>5~;b$nE{!J zVmZ8;R8_87068KuWLWP?Mv2mFqbG8@^6$`# zSQrbB*Nb6UVQ^ey2@K<0e19;OGNT!f!|i9){*cR*Vxwd-AF320yrNYEaW`Ks#CN}fbnu}aB$*xZ0v-fd=RH^N}{w#*Jiu}%iG z0HTdAMY1&;nO37xOZE)p+>3oWgS!6yhLCt;Mu-)m!n2<8k93q81PpeT6CCR}G+M8>r`E-i|@yu(SPV?AIR2b8-#eVu5 z{iga07?{mMJk|mn9BcbYJrk9%Xi}mA|B#s-mxaP@j5|NNmPUijBMff}s(hS*?9bRt zOGMK9M3-Gk6e5xsXBEg6DQOp5f$t?fgA3Uoh*@bVS&Y^a=61{lnJ7ia$jwy2S%K_R z9Wv1!f27L;8Z^N;JzG^v5{^1#e~0~!9v|eAakd5VOl>?i2p1X6QSG;i8A}80Ed-ZgCj>CR@{K&wFtp2!S!dBC0KA zN%%<7ohYM2eD`$F~~@Gj`!|8uMhSR@da zvO*rMhXFZ#Iltj0@cuBQz@&V~CTj>za7=?3;k91n5O4+`&3r-*#Dj;a0N@0`2zu-; zjEUXH(BNwPI^QybQ;N))5%bbHoQ)|Vgq)Z99p;2 zrU9=JV8ap6pH60%gj5SAIiXK*;h~BjXmfx0Ii>Dz_i;)BKTc;cPb+IIDO@#B1b}6g zTW-l7ZWe82E^CYV%c=eW(QRV~*htY**X6Wg5->VTSO+BD&oN<9=ymyW(Lk>?iiCNg zgi6I`*kaM#Wkem#fK40z8_IxDP|kx;t^j4d(bCpXu@Ht%*N3-@hER7Lsz8dvWw8}d zE7a67)C{HJujxiLUDWHK!)3B*D@W>NFwsz55i)%FbhWPvemSl5mC9;e7SrXvO0!Z0 zN=By`DMRW+3^kw%s=v`_e#`d+wFsnD`yj_xg|)ujqGGW!wCFdYQ6FAOSF6AnVCv{D zM$(TuSHCf9>!l)aUjC;XDtMemcMzn8Oe@59mcCF#OcxP38uCLlbkS|JU zpjgfH1j30PUzi*_hhEYT%Y}4U^~v?oJh}{eC#B1)`>i%)rE$15WPTzM8s->(3qjx! z8_%PBpVeY@^jZ2XslJriVd={t{Ycux+eM2o?oxsNcC>T*Vq~h}WlUpM96sNbU}WLW z#OlijXD>qrCoM(>Cr-b7Vwa(-YpP+-t_K{2%MV0mjokAvOoodesrEgPiIGVM%;}1R zOmmQf4uHn=In&`P1son-6jqpyLYC^CGv+MpbdFvcfaB}IYSpY-ma9$EJme64+{8Jv zI^%+>TJ0e) z_VD({qSrpW)ZzZ~#=pLG%H3xkb>1#ZsP)9@!Wv!^Pu@0V$(@eR1ATL&@lxLz4;1h7 zoVD8c?wBi`+lv9!$@jy5Rb2UtEU1y+z0d=dRkg;jMe~^Dq3v#On<| z_~~TniP>jeXv@7l?amve$2svAzd7ltU9qBMT~qJBYW>=xebe*3bJ^35d_H+EyY9Yo zpZ>{nhYj3u>Lr(&*~rHS$7h~>_qUKK=R)?>moq${)5mfe*)rTFAUFTL{};q&v;*L6)aOfYO+yB%4(6fMkc}sa)jQoWYTGwAK$I7FbPEd zY~;WLrnm1s3E}}=hDlu@>*GZqj?yr}|KvM~UoHROR>ipKuXEO;Z%nrSvUtu99+7A6 z*nQ|OZTYj(E1&(maBSkFm)9Bo`_>zm@#R}?di;J0*|c@ttS1(_ZvWd)Hf*h4eAWFw zE3ZFp^-a`_^TRvPdp6Gx<)^a;-nn~WKv}eA`j6Py#{7vZS8e}n&%Rkp7S8Y-wf^{> z=bi7nYQez^3b7Ab@%5)=H@tfGM$enC(1%>R?WM?sYi_*9i`=;P@>_Ntv*z__+H1eE zTxodp%-_E<{q^JSzUQr-sSDqqEMS9=cOSRVci~kpUia}M7yjA*D)XnKE?WENT_4|m z%+rQeX77rPA1>PP;75(UYj3>wna!78bHn>LeP%ywi-a7`Z9D0$fenMVE8R2a9syS3 z9?j?uojM?=D&r8f2HZKo_Ec(BhGvAyRN{S zlixnM`Col+_FozEMcz7R!H@QQ>{ULPa@}I2>y7!VKMG8H=1lCDKl}KpM>Cf!%^&pJ zt@ph8on`kQap7gHnOC{aIq}(fHuGZ-bTdyJB0u%Wg7OF7pZ(mKr(FErkrQ`DHZk9y z^*7PFWUhB^V&QEU?ECPN%bpDEye}S*Hch>~XWwJjFYi%HcOGv*Hr_=%*?sA%_j~E@ z9rp0&Pu#I%_U@Ap|J`G&?l|^_zjx1`aQ=*27R_5xeQxEf7gO`D+d6Q*D-^l!CL?y+ zN1yz$^!V#rebgC8`0{}**pD8lre++t4qI>Du=W-t{#J4lx-om(riFXbl`o`|)4S;B z>%TA`lD>o--_p8A{boH)&R{;eO8?sreMUpDuHRYyrZ8_cw(r;}%cF0;(7kB(3p*k{>u)=xH53m^4EU)zy*CL?7cMe%D&3u zf8n0mEjteU>zKR^udhkzsdR{AJH*Y)r*IVuH z{pC*!f49Rbm+pM+*pvU~nja29#(SnIYrr#gF24)nq#65TK(GvLBYN7_3ol$aS>2qU z_w@OmW4q7UhMh3+$Pah@&!e~bquV#K<{y$XerLDjpQy|Iq&$`#+@T z@4Vuj4;GitGTiI-zxm9?Kl`ZL@bK1y=Ug`P!Gkxh+P3S5YcAMyr1$3ddDEt>y+fO^ z{EJs6etJ{(vb_hPy@O%X3x_TH$Fl4*Gq$let-bHDA12Kt+jiu?d;4q8g!Y;bI^?`fnw5#6>@qcygy5w>HN4w2` z;Ida7ZSFno^uF!cQ)^3KzTo>l_JQowKgx0cj`y}Yw(NT1#fNWv`h{~3oD=)q-%fvh z_mp|R-nZZc;X%oG<$`BSgI(7mgI(LKCVG_Pq2AI%V08 z>n^cOy!gC#{&@ELx7vQ$``MOtYc9HY z`#onEOpa}(!twFBu}3nSmHX%aB=+bZ4!iQyhxYE-nW!?); -# ) + + set(CODESIGN_KEY "" CACHE STRING "codesign the macos app using this key identity") + add_custom_target(icons ALL COMMAND ${PROJECT_SOURCE_DIR}/contrib/macos/mk-icns.sh ${PROJECT_SOURCE_DIR}/contrib/lokinet.svg ${CMAKE_CURRENT_BINARY_DIR}/lokinet.icns DEPENDS ${PROJECT_SOURCE_DIR}/contrib/lokinet.svg ${PROJECT_SOURCE_DIR}/contrib/macos/mk-icns.sh) add_dependencies(lokinet icons lokinet-extension) - install(TARGETS lokinet-extension FRAMEWORK DESTINATION "${CMAKE_CURRENT_BINARY_DIR}/Lokinet.app/Contents/Frameworks" COMPONENT lokinet) + add_custom_command(TARGET lokinet + POST_BUILD + COMMAND ${CMAKE_COMMAND} -E echo "setting rpath" + COMMAND ${CMAKE_COMMAND} -E echo ${CMAKE_INSTALL_NAME_TOOL} -add_rpath "@executable_path/../Frameworks/" $ + COMMAND ${CMAKE_INSTALL_NAME_TOOL} -add_rpath "@executable_path/../Frameworks/" $ + COMMAND mkdir -p $/Contents/Frameworks + COMMAND cp -au $ $/Contents/Frameworks/ + COMMAND ${CMAKE_COMMAND} -E copy_if_different ${PROJECT_SOURCE_DIR}/contrib/macos/lokinet.provisionprofile + $/Contents/embedded.provisionprofile + ) + set_target_properties(lokinet PROPERTIES MACOSX_BUNDLE TRUE MACOSX_BUNDLE_INFO_STRING "Lokinet IP Packet Onion Router" MACOSX_BUNDLE_BUNDLE_NAME "Lokinet" MACOSX_BUNDLE_BUNDLE_VERSION "${LOKINET_VERSION}" - MACOSX_BUNDLE_LONG_VERSION_STRING "${lokinet_VERSION}.$lokinet_VERSION_MINOR}" + MACOSX_BUNDLE_LONG_VERSION_STRING "${lokinet_VERSION}" MACOSX_BUNDLE_SHORT_VERSION_STRING "${lokinet_VERSION_MAJOR}.${lokinet_VERSION_MINOR}" MACOSX_BUNDLE_GUI_IDENTIFIER "com.loki-project.lokinet" - MACOSX_BUNDLE_INFO_PLIST "${CMAKE_SOURCE_DIR}/contrib/macos/Info.plist" + MACOSX_BUNDLE_INFO_PLIST "${PROJECT_SOURCE_DIR}/contrib/macos/Info.plist" MACOSX_BUNDLE_ICON_FILE "${CMAKE_CURRENT_BINARY_DIR}/lokinet.icns" - MACOSX_BUNDLE_COPYRIGHT "© 2021, The Loki Project") - option(CODESIGN_KEY "codesign all the shit with this key" OFF) - if (CODESIGN_KEY AND CODESIGN_TEAM_ID) + MACOSX_BUNDLE_COPYRIGHT "© 2021, The Oxen Project") + if (CODESIGN_KEY) message(STATUS "codesigning with ${CODESIGN_KEY}") - set(SIGN_TARGET "${CMAKE_CURRENT_BINARY_DIR}/Lokinet.app") - configure_file("${CMAKE_SOURCE_DIR}/contrib/macos/lokinet.entitlements.plist.in" - "${CMAKE_BINARY_DIR}/lokinet.entitlements.plist") - configure_file("${CMAKE_SOURCE_DIR}/contrib/macos/lokinet-extension.entitlements.plist.in" - "${CMAKE_BINARY_DIR}/lokinet-extension.entitlements.plist") - set(LOKINET_ENTITLEMENTS "${CMAKE_BINARY_DIR}/lokinet.entitlements.plist") - set(NETEXT_ENTITLEMENTS "${CMAKE_BINARY_DIR}/lokinet-extension.entitlements.plist") + set(SIGN_TARGET "${CMAKE_CURRENT_BINARY_DIR}/lokinet.app") configure_file( "${PROJECT_SOURCE_DIR}/contrib/macos/sign.sh.in" - "${CMAKE_BINARY_DIR}/sign.sh") + "${PROJECT_BINARY_DIR}/sign.sh" + @ONLY) add_custom_target( sign - DEPENDS "${CMAKE_BINARY_DIR}/sign.sh" lokinet lokinet-extension - COMMAND "${CMAKE_BINARY_DIR}/sign.sh" + DEPENDS "${PROJECT_BINARY_DIR}/sign.sh" lokinet lokinet-extension + COMMAND "${PROJECT_BINARY_DIR}/sign.sh" ) else() - message(STATUS "will not codesign") + message(WARNING "Not codesigning: CODESIGN_KEY is not set") endif() endif() diff --git a/llarp/CMakeLists.txt b/llarp/CMakeLists.txt index 6730dd0a5..a561cec07 100644 --- a/llarp/CMakeLists.txt +++ b/llarp/CMakeLists.txt @@ -272,19 +272,16 @@ if(APPLE) # god made apple so that man may suffer find_library(NETEXT NetworkExtension REQUIRED) find_library(COREFOUNDATION CoreFoundation REQUIRED) - + add_library(lokinet-extension SHARED - framework.mm - ${CMAKE_SOURCE_DIR}/include/lokinet-extension.hpp) - target_include_directories(lokinet-extension PUBLIC - ${CMAKE_CURRENT_SOURCE_DIR}) + framework.mm) target_link_libraries(lokinet-extension PUBLIC liblokinet ${COREFOUNDATION} ${NETEXT}) - configure_file(${CMAKE_SOURCE_DIR}/contrib/macos/LokinetExtension.Info.plist.in - ${CMAKE_CURRENT_BINARY_DIR}/LokinetExtension.Info.plist) + configure_file(${PROJECT_SOURCE_DIR}/contrib/macos/LokinetExtension.Info.plist.in + ${CMAKE_CURRENT_BINARY_DIR}/LokinetExtension.Info.plist @ONLY) set_target_properties(lokinet-extension PROPERTIES FRAMEWORK TRUE @@ -296,6 +293,13 @@ if(APPLE) # "compatibility version" in semantic format in Mach-O binary file SOVERSION ${lokinet_VERSION} PUBLIC_HEADER ${CMAKE_SOURCE_DIR}/include/lokinet-extension.hpp) + + add_custom_command(TARGET lokinet-extension + POST_BUILD + COMMAND ${CMAKE_COMMAND} -E copy_if_different ${PROJECT_SOURCE_DIR}/contrib/macos/lokinet-extension.provisionprofile + $/Versions/Current/embedded.provisionprofile + ) + endif()