qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-09-23 17:20:13 -06:00
Code Releases Activity
58facfbe7d
go/misc/ios/detect.go

134 lines
3.2 KiB
Go
Raw Normal View History

misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build ignore
// detect attempts to autodetect the correct
// values of the environment variables
misc/ios: fixup review comments from CL 255257 Change-Id: I247fc9e0e26e706e6af07367f953eaa1b7e544c1 Reviewed-on: https://go-review.googlesource.com/c/go/+/259577 Trust: Elias Naur <mail@eliasnaur.com> Run-TryBot: Elias Naur <mail@eliasnaur.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> TryBot-Result: Go Bot <gobot@golang.org>
2020-10-05 09:51:54 -06:00
// used by go_ios_exec.
misc/ios: document the external binary and the required env variables Change-Id: I1ec2460758b19e5315be061033c1bb5ed9ead4a8 Reviewed-on: https://go-review.googlesource.com/9688 Reviewed-by: Minux Ma <minux@golang.org>
2015-05-04 10:41:41 -06:00
// detect shells out to ideviceinfo, a third party program that can
// be obtained by following the instructions at
// https://github.com/libimobiledevice/libimobiledevice.
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
package main
import (
"bytes"
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
"crypto/x509"
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
"fmt"
"os"
"os/exec"
"strings"
)
func main() {
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
udids := getLines(exec.Command("idevice_id", "-l"))
if len(udids) == 0 {
fail("no udid found; is a device connected?")
}
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
mps := detectMobileProvisionFiles(udids)
misc/ios: include the bundle id in the GOIOS_APP_ID env variable The iOS exec wrapper use the constant bundle id "golang.gotest" for running Go programs on iOS. However, that only happens to work on the old iOS builders where their provisioning profile covers that bundle id. Expand the detection script to list all available provisioning profiles for the attached device and include the bundle id in the GOIOS_APP_ID environment variable. To allow the old builders to continue, the "golang.gotest" bundle id is used as a fallback if only the app id prefix is specified in GOIOS_APP_ID. For the new builders. Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17 Reviewed-on: https://go-review.googlesource.com/36060 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 01:37:47 -07:00
if len(mps) == 0 {
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
fail("did not find mobile provision matching device udids %q", udids)
misc/ios: include the bundle id in the GOIOS_APP_ID env variable The iOS exec wrapper use the constant bundle id "golang.gotest" for running Go programs on iOS. However, that only happens to work on the old iOS builders where their provisioning profile covers that bundle id. Expand the detection script to list all available provisioning profiles for the attached device and include the bundle id in the GOIOS_APP_ID environment variable. To allow the old builders to continue, the "golang.gotest" bundle id is used as a fallback if only the app id prefix is specified in GOIOS_APP_ID. For the new builders. Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17 Reviewed-on: https://go-review.googlesource.com/36060 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 01:37:47 -07:00
}
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
misc/ios: remove note from output of detect.go If no GOIOS_DEV_ID is set, iostest.bash will eval the output of detect.go. Prepend the note output by detect.go with # to make the shell ignore it. Went undetected for so long because the iOS builders usually run with GOIOS_DEV_ID set. Change-Id: I308eac94803851620ca91593f9a1aef79825187f Reviewed-on: https://go-review.googlesource.com/c/144109 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-10-24 07:27:35 -06:00
fmt.Println("# Available provisioning profiles below.")
fmt.Println("# NOTE: Any existing app on the device with the app id specified by GOIOS_APP_ID")
fmt.Println("# will be overwritten when running Go programs.")
misc/ios: include the bundle id in the GOIOS_APP_ID env variable The iOS exec wrapper use the constant bundle id "golang.gotest" for running Go programs on iOS. However, that only happens to work on the old iOS builders where their provisioning profile covers that bundle id. Expand the detection script to list all available provisioning profiles for the attached device and include the bundle id in the GOIOS_APP_ID environment variable. To allow the old builders to continue, the "golang.gotest" bundle id is used as a fallback if only the app id prefix is specified in GOIOS_APP_ID. For the new builders. Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17 Reviewed-on: https://go-review.googlesource.com/36060 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 01:37:47 -07:00
for _, mp := range mps {
fmt.Println()
all: update references to symbols moved from io/ioutil to io Update references missed in CL 263142. For #41190 Change-Id: I778760a6a69bd0440fec0848bdef539c9ccb4ee1 GitHub-Last-Rev: dda42b09fff36dc08ec1cdec50cc19e3da5058e5 GitHub-Pull-Request: golang/go#42874 Reviewed-on: https://go-review.googlesource.com/c/go/+/273946 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Trust: Cherry Zhang <cherryyz@google.com>
2021-04-03 02:10:47 -06:00
f, err := os.CreateTemp("", "go_ios_detect_")
misc/ios: include the bundle id in the GOIOS_APP_ID env variable The iOS exec wrapper use the constant bundle id "golang.gotest" for running Go programs on iOS. However, that only happens to work on the old iOS builders where their provisioning profile covers that bundle id. Expand the detection script to list all available provisioning profiles for the attached device and include the bundle id in the GOIOS_APP_ID environment variable. To allow the old builders to continue, the "golang.gotest" bundle id is used as a fallback if only the app id prefix is specified in GOIOS_APP_ID. For the new builders. Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17 Reviewed-on: https://go-review.googlesource.com/36060 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 01:37:47 -07:00
check(err)
fname := f.Name()
defer os.Remove(fname)
out := output(parseMobileProvision(mp))
_, err = f.Write(out)
check(err)
check(f.Close())
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
cert, err := plistExtract(fname, "DeveloperCertificates:0")
check(err)
pcert, err := x509.ParseCertificate(cert)
check(err)
fmt.Printf("export GOIOS_DEV_ID=\"%s\"\n", pcert.Subject.CommonName)
misc/ios: include the bundle id in the GOIOS_APP_ID env variable The iOS exec wrapper use the constant bundle id "golang.gotest" for running Go programs on iOS. However, that only happens to work on the old iOS builders where their provisioning profile covers that bundle id. Expand the detection script to list all available provisioning profiles for the attached device and include the bundle id in the GOIOS_APP_ID environment variable. To allow the old builders to continue, the "golang.gotest" bundle id is used as a fallback if only the app id prefix is specified in GOIOS_APP_ID. For the new builders. Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17 Reviewed-on: https://go-review.googlesource.com/36060 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 01:37:47 -07:00
appID, err := plistExtract(fname, "Entitlements:application-identifier")
check(err)
fmt.Printf("export GOIOS_APP_ID=%s\n", appID)
teamID, err := plistExtract(fname, "Entitlements:com.apple.developer.team-identifier")
check(err)
fmt.Printf("export GOIOS_TEAM_ID=%s\n", teamID)
}
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
}
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
func detectMobileProvisionFiles(udids [][]byte) []string {
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
cmd := exec.Command("mdfind", "-name", ".mobileprovision")
lines := getLines(cmd)
misc/ios: include the bundle id in the GOIOS_APP_ID env variable The iOS exec wrapper use the constant bundle id "golang.gotest" for running Go programs on iOS. However, that only happens to work on the old iOS builders where their provisioning profile covers that bundle id. Expand the detection script to list all available provisioning profiles for the attached device and include the bundle id in the GOIOS_APP_ID environment variable. To allow the old builders to continue, the "golang.gotest" bundle id is used as a fallback if only the app id prefix is specified in GOIOS_APP_ID. For the new builders. Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17 Reviewed-on: https://go-review.googlesource.com/36060 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 01:37:47 -07:00
var files []string
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
for _, line := range lines {
if len(line) == 0 {
continue
}
xmlLines := getLines(parseMobileProvision(string(line)))
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
matches := 0
for _, udid := range udids {
for _, xmlLine := range xmlLines {
if bytes.Contains(xmlLine, udid) {
matches++
}
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
}
}
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
if matches == len(udids) {
files = append(files, string(line))
}
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
}
misc/ios: include the bundle id in the GOIOS_APP_ID env variable The iOS exec wrapper use the constant bundle id "golang.gotest" for running Go programs on iOS. However, that only happens to work on the old iOS builders where their provisioning profile covers that bundle id. Expand the detection script to list all available provisioning profiles for the attached device and include the bundle id in the GOIOS_APP_ID environment variable. To allow the old builders to continue, the "golang.gotest" bundle id is used as a fallback if only the app id prefix is specified in GOIOS_APP_ID. For the new builders. Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17 Reviewed-on: https://go-review.googlesource.com/36060 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 01:37:47 -07:00
return files
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
}
func parseMobileProvision(fname string) *exec.Cmd {
return exec.Command("security", "cms", "-D", "-i", string(fname))
}
func plistExtract(fname string, path string) ([]byte, error) {
out, err := exec.Command("/usr/libexec/PlistBuddy", "-c", "Print "+path, fname).CombinedOutput()
if err != nil {
return nil, err
}
return bytes.TrimSpace(out), nil
}
func getLines(cmd *exec.Cmd) [][]byte {
misc/ios: ignore stderr from iOS tools On (at least) macOS 10.12, the `security cms` subcommand used by the iOS detection script will output an error to stderr. The command otherwise succeeds, but the extra line confuses a later parsing step. To fix it, use only stdout and ignore stderr from every command run by detect.go. For the new iOS builders. Change-Id: Iee426da7926d7f987ba1be061fa92ebb853ef53d Reviewed-on: https://go-review.googlesource.com/36059 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 00:57:46 -07:00
out := output(cmd)
misc/ios: make detect.go more robust To enable the exec wrapper go_darwin_arm_exec.go to run binaries on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code signing identity. The program detect.go attempts to detect suitable values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID). Before this change, detect.go would use "security find-identity -p codesigning -v" to list all available identities for code signing and pick the first one with "iPhone Developer" in its name. However, that pick might be invalid since if it was replaced by an identity issued later. For example, on the mobile builder: $ security find-identity -p codesigning -v 1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign" 2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)" 3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)" 3 valid identities found In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187 is picked by detect.go even though it has been invalidated by FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E. Instead of attempting to find an identity from the "security find-identity" list, use the identity from the CommonName in the embedded certificate in the provisioning file. The CommonName only lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)), not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but fortunately the codesign tool accepts both. Identity names may not be unique, as demonstrated by the example, but that will result in an ambiguity error at codesigning instead of a more obscure error about an invalid identity when go_darwin_arm_exec.go runs a binary. The fix is then to delete the invalid identity from the system keychain. While here, find all connected devices instead of the first connected and only consider provision files that covers them all. This matters for the mobile builder where two devices are connected. Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989 Reviewed-on: https://go-review.googlesource.com/105436 Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-07 09:22:43 -06:00
lines := bytes.Split(out, []byte("\n"))
// Skip the empty line at the end.
if len(lines[len(lines)-1]) == 0 {
lines = lines[:len(lines)-1]
}
return lines
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
}
misc/ios: ignore stderr from iOS tools On (at least) macOS 10.12, the `security cms` subcommand used by the iOS detection script will output an error to stderr. The command otherwise succeeds, but the extra line confuses a later parsing step. To fix it, use only stdout and ignore stderr from every command run by detect.go. For the new iOS builders. Change-Id: Iee426da7926d7f987ba1be061fa92ebb853ef53d Reviewed-on: https://go-review.googlesource.com/36059 Reviewed-by: David Crawshaw <crawshaw@golang.org> Run-TryBot: Elias Naur <elias.naur@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 00:57:46 -07:00
func output(cmd *exec.Cmd) []byte {
out, err := cmd.Output()
misc/ios: read codesign info from environment variables Use environment variables to allow set-and-forget. Add a script to attempt to autodetect codesign info. Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d Reviewed-on: https://go-review.googlesource.com/8910 Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-13 12:31:41 -06:00
if err != nil {
fmt.Println(strings.Join(cmd.Args, "\n"))
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
return out
}
func check(err error) {
if err != nil {
fail(err.Error())
}
}
func fail(msg string, v ...interface{}) {
fmt.Fprintf(os.Stderr, msg, v...)
fmt.Fprintln(os.Stderr)
os.Exit(1)
}
Copy Permalink