Skip to content
This repository has been archived by the owner on Jan 23, 2023. It is now read-only.

[release/3.1] HostWriter: Remove signature on MAC host #8590

Merged
merged 2 commits into from
Oct 21, 2019
Merged

[release/3.1] HostWriter: Remove signature on MAC host #8590

merged 2 commits into from
Oct 21, 2019

Conversation

swaroop-sridhar
Copy link

@swaroop-sridhar swaroop-sridhar commented Oct 18, 2019
edited
Loading

HostWriter: Remove signature on MAC host

Tracking Issue

Fixes https://github.com/dotnet/core-setup/issues/8589

Customer Scenario

In order to conform with Catalina notarization requirements, the template apphost will be shipped after codesigning.

When the template apphost is customized for a specific app, the signature is no longer valid.
This commit implements the change to remove the signature from the apphost when customized for a specific app by the SDK using the HostModel library.

Master Branch

Commit: 3d36990
PR: #8543

@swaroop-sridhar
HostWriter: Remove signature on MAC host
ad7fc46 
In order to conform with Catalina notarization requirements, the template apphost
will be shipped after codesigning.

This commit implements a change to remove the code-signature when customizing the apphost for an app.

Testing:
- Tested the HostModel library using a locally signed version of apphost
- Verified that unsigned host can be re-signed later
- Verified that the original unsigned-apphost, and the signature-removed-apphost are binary equal.

TODO:
* SDK changes for consuming the AppHostMachOFormatException
* Port the change to 3.1, backport to earlier versions
* For .net 5, factor out PE specific code in BinaryUtils into a separate file (similar to MacOUtil).
@swaroop-sridhar
Avoid using Unsafe.InitBlock
184ba74 
Clear the signature command manually, instead of using
Unsafe.InitBlock since this API is not available before .net Core 3.0
@swaroop-sridhar
Copy link
Author

@lpereira I needed a small change compared to master branch: 184ba74

The change avoids the use of Unsafe.InitBlock since the API is not available before .net Core 3.0.

lpereira
lpereira approved these changes Oct 18, 2019
View reviewed changes
Copy link

@lpereira lpereira left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM; however, if that particular API is available from 3.0, why not just use it on 3.1? Shouldn't it be available there too?

@MeiChin-Tsai
Copy link

approved for 3.1

@swaroop-sridhar swaroop-sridhar merged commit 563597b into dotnet:release/3.1 Oct 21, 2019
@swaroop-sridhar swaroop-sridhar mentioned this pull request Oct 21, 2019
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lpereira lpereira lpereira approved these changes

@nguerrera nguerrera nguerrera approved these changes

@jeffschwMSFT jeffschwMSFT Awaiting requested review from jeffschwMSFT

@MeiChin-Tsai MeiChin-Tsai Awaiting requested review from MeiChin-Tsai

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@swaroop-sridhar @MeiChin-Tsai @lpereira @nguerrera