diff --git a/CMakeLists.txt b/CMakeLists.txt
index 128551b02..637cc1b9f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -164,7 +164,7 @@ endif()
if(NOT DEFINED DATADIR)
if(BUILD_BUNDLE)
if(APPLE)
- set(DATADIR "../Resources")
+ set(DATADIR "../../Resources")
else()
set(DATADIR .)
endif()
@@ -176,7 +176,7 @@ endif()
if(NOT DEFINED LIBDIR)
if(BUILD_BUNDLE)
if(APPLE)
- set(LIBDIR "../Frameworks")
+ set(LIBDIR "../../Frameworks")
else()
set(LIBDIR .)
endif()
@@ -256,6 +256,10 @@ if(APPLE)
if("${CODESIGNID}")
set(CODESIGNID "${CODESIGNID}" CACHE STRING "Codesigning Identity")
endif()
+ if("${NOTARY}")
+ set(NOTARY "${NOTARY}" CACHE STRING "Notarization Identity")
+ endif()
+
endif()
# Enforce absolute paths for non-bundle builds:
diff --git a/tools/osx/Info.plist-bin.in b/tools/osx/Info.plist-bin.in
new file mode 100644
index 000000000..20ce5a741
--- /dev/null
+++ b/tools/osx/Info.plist-bin.in
@@ -0,0 +1,10 @@
+
+
+
+
+ CFBundleName
+ RawTherapee-bin
+ CFBundleIdentifier
+ com.rawtherapee.rawtherapee
+
+
diff --git a/tools/osx/executable_loader.in b/tools/osx/executable_loader.in
index dcc0cabc4..429173d8e 100644
--- a/tools/osx/executable_loader.in
+++ b/tools/osx/executable_loader.in
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
cd "$(dirname "$0")" || exit 1
@@ -7,21 +7,8 @@ app="${cwd%/Contents/*}"
lib="${app}/Contents/Frameworks"
resources="${app}/Contents/Resources"
etc="${resources}"/etc
-
-### Pending deletion:
-# See https://github.com/Beep6581/RawTherapee/issues/1779
-# cups_dir=/tmp/RT5
-# install -d "${cups_dir}"
-# cp -f /usr/lib/libcups.2.dylib "${cups_dir}"
-# export DYLD_LIBRARY_PATH="${lib}:${cups_dir}"
-
-# export GTK_EXE_PREFIX="${resources}"
-# export GTK_DATA_PREFIX="${resources}"
export XDG_DATA_DIRS="${resources}/share"
-# export GTK_IM_MODULE_FILE="${etc}/gtk-3.0/gtk.immodules"
-
export DYLD_LIBRARY_PATH="${lib}"
-
export GTK_PATH="${lib}/gtk-3.0/3.0.0"
export XDG_DATA_HOME="${resources}/share"
export GSETTINGS_SCHEMA_DIR="${resources}/share/glib-2.0/schemas"
@@ -31,25 +18,13 @@ export GDK_PIXBUF_MODULEDIR="${lib}/gdk-pixbuf-2.0/2.10.0/loaders"
export RT_SETTINGS="${HOME}/Library/Application Support/RawTherapee/config"
export RT_CACHE="${HOME}/Library/Application Support/RawTherapee/cache"
-### Pending deletion:
-# Environment variables for X11 backend
-#if [[ -d ${etc}/fonts ]]; then
-# export FONTCONFIG_PATH="${etc}/fonts"
-#fi
-
# Strip out system argument
case "$1" in
-psn_*) shift ;;
esac
-# Commented-out as part of "crash-on-startup part 2" fix, see https://github.com/Beep6581/RawTherapee/issues/3882#issuecomment-311703141
-#if [[ -d "/tmp/RawTherapee.app" ]]; then
-# rm -rf "/tmp/RawTherapee.app"
-#fi
-#ln -sf "${app}" /tmp
-
# Prevent crash when directory name contains special characters
AppleLocale=`defaults read -g AppleLocale`
export LANG=${AppleLocale%@*}.UTF-8
-exec "${cwd}/rawtherapee-bin" "$@"
+exec "${cwd}/bin/rawtherapee-bin" "$@"
diff --git a/tools/osx/macosx_bundle.sh b/tools/osx/macosx_bundle.sh
index f3ff8d8ca..2501e936b 100644
--- a/tools/osx/macosx_bundle.sh
+++ b/tools/osx/macosx_bundle.sh
@@ -101,7 +101,7 @@ ETC="${RESOURCES}/etc"
EXECUTABLE="${MACOS}/rawtherapee"
msg "Removing old files:"
-rm -rf "${APP}" "${PROJECT_NAME}_*.dmg"
+rm -rf "${APP}" "${PROJECT_NAME}_*.dmg" "*zip"
msg "Creating bundle container:"
install -d "${RESOURCES}" \
@@ -134,7 +134,7 @@ rm -r "${LIB}"/gdk-pixbuf-2.0
"${GTK_PREFIX}/bin/gdk-pixbuf-query-loaders" "${LIB}"/libpix*.so > "${ETC}/gtk-3.0/gdk-pixbuf.loaders"
"${GTK_PREFIX}/bin/gtk-query-immodules-3.0" "${LIB}"/{im*.so,libprint*.so} > "${ETC}/gtk-3.0/gtk.immodules"
-sed -i "" -e "s|${PWD}/RawTherapee.app/Contents/|@executable_path/../|" "${ETC}/gtk-3.0/gdk-pixbuf.loaders" "${ETC}/gtk-3.0/gtk.immodules"
+sed -i "" -e "s|${PWD}/RawTherapee.app/Contents/|/Applications/RawTherapee.app/Contents/|" "${ETC}/gtk-3.0/gdk-pixbuf.loaders" "${ETC}/gtk-3.0/gtk.immodules"
ditto {"${GTK_PREFIX}","${RESOURCES}"}/share/glib-2.0/schemas
"${GTK_PREFIX}/bin/glib-compile-schemas" "${RESOURCES}/share/glib-2.0/schemas"
@@ -155,6 +155,12 @@ ditto {"${GTK_PREFIX}","${RESOURCES}"}/share/icons/Adwaita/index.theme
# Copy libjpeg-turbo into the app bundle
cp /opt/local/lib/libjpeg.62.dylib "${RESOURCES}/../Frameworks"
+# Copy libexpat into the app bundle
+cp /opt/local/lib/libexpat.1.dylib "${RESOURCES}/../Frameworks"
+
+# Copy libz into the app bundle
+cp /opt/local/lib/libz.1.dylib "${RESOURCES}/../Frameworks"
+
# Copy libtiff into the app bundle
cp /opt/local/lib/libtiff.5.dylib "${RESOURCES}/../Frameworks"
@@ -182,31 +188,67 @@ find -E "${CONTENTS}" -type f -regex '.*/(rawtherapee-cli|rawtherapee|.*\.(dylib
done
msg "Registering @loader_path into the executable:"
-echo " install_name_tool -add_rpath @loader_path/../Frameworks '${EXECUTABLE}'" | bash -v
+echo " install_name_tool -add_rpath @executable_path/../../Frameworks '${EXECUTABLE}'" | bash -v
echo " install_name_tool -add_rpath @loader_path/../Frameworks '${EXECUTABLE}-cli'" | bash -v
msg "Installing required application bundle files:"
PROJECT_SOURCE_DATA_DIR="${PROJECT_SOURCE_DIR}/tools/osx"
-
+ditto "${PROJECT_SOURCE_DIR}/build/Resources" "${RESOURCES}"
# Executable loader
# Note: executable is renamed to 'rawtherapee-bin'.
-mv "${MACOS}/rawtherapee" "${MACOS}/rawtherapee-bin"
+mkdir "${MACOS}/bin"
+mv "${MACOS}/rawtherapee" "${MACOS}/bin/rawtherapee-bin"
install -m 0755 "${PROJECT_SOURCE_DATA_DIR}/executable_loader.in" "${MACOS}/rawtherapee"
# App bundle resources
cp "${PROJECT_SOURCE_DATA_DIR}/"{rawtherapee,profile}.icns "${RESOURCES}"
cp "${PROJECT_SOURCE_DATA_DIR}/PkgInfo" "${CONTENTS}"
install -m 0644 "${PROJECT_SOURCE_DATA_DIR}/Info.plist.in" "${CONTENTS}/Info.plist"
+install -m 0644 "${PROJECT_SOURCE_DATA_DIR}/Info.plist-bin.in" "${CONTENTS}/MacOS/bin/Info.plist"
sed -i "" -e "s|@version@|${PROJECT_FULL_VERSION}|
s|@shortVersion@|${PROJECT_VERSION}|
s|@arch@|${arch}|" \
"${CONTENTS}/Info.plist"
plutil -convert binary1 "${CONTENTS}/Info.plist"
-
+plutil -convert binary1 "${CONTENTS}/MacOS/bin/Info.plist"
# Sign the app
CODESIGNID="$(cmake .. -LA -N | grep "CODESIGNID" | cut -d "=" -f2)"
-codesign --deep --force -v -s "${CODESIGNID}" --timestamp "${APP}"
-spctl -a -vvvv "${APP}"
-
+if ! test -z "$CODESIGNID" ; then
+install -m 0644 "${PROJECT_SOURCE_DATA_DIR}/rt.entitlements" "${CONTENTS}/Entitlements.plist"
+plutil -convert binary1 "${CONTENTS}/Entitlements.plist"
+install -m 0644 "${PROJECT_SOURCE_DATA_DIR}/rt-bin.entitlements" "${CONTENTS}/MacOS/bin/Entitlements.plist"
+plutil -convert binary1 "${CONTENTS}/MacOS/bin/Entitlements.plist"
+codesign -v -s "${CODESIGNID}" -i "com.rawtherapee.rawtherapee-bin" --timestamp -o runtime --entitlements "${APP}/Contents/MacOS/bin/Entitlements.plist" "${APP}/Contents/MacOS/bin/rawtherapee-bin"
+codesign --deep --preserve-metadata=identifier,entitlements,runtime --strict -v -s "${CODESIGNID}" -i "com.rawtherapee.rawtherapee" --timestamp -o runtime --entitlements "${APP}/Contents/Entitlements.plist" "${APP}"
+ spctl -a -vvvv "${APP}"
+fi
+
+# Notarize the app
+NOTARY="$(cmake .. -LA -N | grep "NOTARY" | cut -d "=" -f2)"
+if ! test -z "$NOTARY" ; then
+ ditto -c -k --sequesterRsrc --keepParent "${APP}" "${APP}.zip"
+ uuid=`xcrun altool --notarize-app --primary-bundle-id "com.rawtherapee.rawtherapee" ${NOTARY} --file "${APP}.zip" 2>&1 | grep 'RequestUUID' | awk '{ print $3 }'`
+ echo "Result= $uuid" # Display identifier string
+ sleep 15
+ while :
+ do
+ fullstatus=`xcrun altool --notarization-info "$uuid" ${NOTARY} 2>&1` # get the status
+ status1=`echo "$fullstatus" | grep 'Status\:' | awk '{ print $2 }'`
+ if [ "$status1" = "success" ]; then
+ xcrun stapler staple *app # staple the ticket
+ xcrun stapler validate -v *app
+ echo "Notarization success"
+ break
+ elif [ "$status1" = "in" ]; then
+ echo "Notarization still in progress, sleeping for 15 seconds and trying again"
+ sleep 15
+ else
+ echo "Notarization failed fullstatus below"
+ echo "$fullstatus"
+ exit 1
+ fi
+ done
+fi
+
function CreateDmg {
local srcDir="$(mktemp -dt $$)"
@@ -234,7 +276,36 @@ function CreateDmg {
hdiutil create -format UDBZ -fs HFS+ -srcdir "${srcDir}" -volname "${PROJECT_NAME}_${PROJECT_FULL_VERSION}" "${dmg_name}.dmg"
# Sign disk image
- codesign --deep --force -v -s "${CODESIGNID}" --timestamp "${dmg_name}.dmg"
+ if ! test -z "$CODESIGNID" ; then
+ codesign --deep --force -v -s "${CODESIGNID}" --timestamp "${dmg_name}.dmg"
+ fi
+
+ # Notarize the dmg
+ if ! test -z "$NOTARY" ; then
+ zip "${dmg_name}.dmg.zip" "${dmg_name}.dmg"
+ uuid=`xcrun altool --notarize-app --primary-bundle-id "com.rawtherapee" ${NOTARY} --file "${dmg_name}.dmg.zip" 2>&1 | grep 'RequestUUID' | awk '{ print $3 }'`
+ echo "dmg Result= $uuid" # Display identifier string
+ sleep 15
+ while :
+ do
+ fullstatus=`xcrun altool --notarization-info "$uuid" ${NOTARY} 2>&1` # get the status
+ status1=`echo "$fullstatus" | grep 'Status\:' | awk '{ print $2 }'`
+ if [ "$status1" = "success" ]; then
+ xcrun stapler staple "${dmg_name}.dmg" # staple the ticket
+ xcrun stapler validate -v "${dmg_name}.dmg"
+ echo "dmg Notarization success"
+ break
+ elif [ "$status1" = "in" ]; then
+ echo "dmg Notarization still in progress, sleeping for 15 seconds and trying again"
+ sleep 15
+ else
+ echo "dmg Notarization failed fullstatus below"
+ echo "$fullstatus"
+ exit 1
+ fi
+ done
+ fi
+
# Zip disk image for redistribution
zip "${dmg_name}.zip" "${dmg_name}.dmg" AboutThisBuild.txt
diff --git a/tools/osx/rt-bin.entitlements b/tools/osx/rt-bin.entitlements
new file mode 100644
index 000000000..9e5e269cb
--- /dev/null
+++ b/tools/osx/rt-bin.entitlements
@@ -0,0 +1,8 @@
+
+
+
+
+com.apple.security.inherit
+
+
+
\ No newline at end of file
diff --git a/tools/osx/rt.entitlements b/tools/osx/rt.entitlements
new file mode 100644
index 000000000..2236af138
--- /dev/null
+++ b/tools/osx/rt.entitlements
@@ -0,0 +1,20 @@
+
+
+
+
+ application-identifier
+ com.rawtherapee.rawtherapee
+ com.apple.security.temporary-exception.files.absolute-path.read-write
+
+ "/"
+
+ com.apple.security.cs.allow-dyld-environment-variables
+
+ com.apple.security.files.user-selected.read-write
+
+ com.apple.security.app-sandbox
+
+ com.apple.security.files.downloads.read-write
+
+
+