1
0
mirror of https://github.com/golang/go synced 2024-11-06 03:26:15 -07:00
Commit Graph

6 Commits

Author SHA1 Message Date
Elias Naur
c3cb44fdef misc/ios: make detect.go more robust
To enable the exec wrapper go_darwin_arm_exec.go to run binaries
on iOS devices, the GOIOS_DEV_ID variable needs to be set to a code
signing identity. The program detect.go attempts to detect suitable
values for GOIOS_DEV_ID (along with GOIOS_APP_ID and GOIOS_TEAM_ID).

Before this change, detect.go would use "security find-identity
-p codesigning -v" to list all available identities for code signing
and pick the first one with "iPhone Developer" in its name. However,
that pick might be invalid since if it was replaced by an identity
issued later.

For example, on the mobile builder:

$ security find-identity -p codesigning -v
  1) 0E251DE41FE4490574E475AC320B47F58D6D3635 "lldb_codesign"
  2) 0358588D07AA6A19478981BA405F40A97F95F187 "iPhone Developer: xxx@xxx (2754T98W8E)"
  3) FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E "iPhone Developer: xxx@xxx (2754T98W8E)"
     3 valid identities found

In this case, the identity 0358588D07AA6A19478981BA405F40A97F95F187
is picked by detect.go even though it has been invalidated by
FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E.

Instead of attempting to find an identity from the "security
find-identity" list, use the identity from the CommonName in the
embedded certificate in the provisioning file. The CommonName only
lists the identity name (iPhone Developer: xxx@xxx (2754T98W8E)),
not the fingerprint (FC6D96F24A3223C98BF7A2C2C5194D82E04CD23E), but
fortunately the codesign tool accepts both.

Identity names may not be unique, as demonstrated by the example,
but that will result in an ambiguity error at codesigning instead of
a more obscure error about an invalid identity when
go_darwin_arm_exec.go runs a binary.
The fix is then to delete the invalid identity from the system
keychain.

While here, find all connected devices instead of the first connected
and only consider provision files that covers them all. This matters
for the mobile builder where two devices are connected.

Change-Id: I6beb59ace3fc5e071ba76222a20a607765943989
Reviewed-on: https://go-review.googlesource.com/105436
Run-TryBot: Elias Naur <elias.naur@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2018-04-10 16:36:33 +00:00
Elias Naur
7d889af26d misc/ios: include the bundle id in the GOIOS_APP_ID env variable
The iOS exec wrapper use the constant bundle id "golang.gotest" for
running Go programs on iOS. However, that only happens to work on
the old iOS builders where their provisioning profile covers
that bundle id.

Expand the detection script to list all available provisioning
profiles for the attached device and include the bundle id in the
GOIOS_APP_ID environment variable.

To allow the old builders to continue, the "golang.gotest" bundle
id is used as a fallback if only the app id prefix is specified in
GOIOS_APP_ID.

For the new builders.

Change-Id: I8baa1d4d57f845de851c3fad3f178e05e9a01b17
Reviewed-on: https://go-review.googlesource.com/36060
Reviewed-by: David Crawshaw <crawshaw@golang.org>
Run-TryBot: Elias Naur <elias.naur@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 22:09:16 +00:00
Elias Naur
ade6bcf1d5 misc/ios: ignore stderr from iOS tools
On (at least) macOS 10.12, the `security cms` subcommand used by the
iOS detection script will output an error to stderr. The command
otherwise succeeds, but the extra line confuses a later parsing step.

To fix it, use only stdout and ignore stderr from every command run
by detect.go.

For the new iOS builders.

Change-Id: Iee426da7926d7f987ba1be061fa92ebb853ef53d
Reviewed-on: https://go-review.googlesource.com/36059
Reviewed-by: David Crawshaw <crawshaw@golang.org>
Run-TryBot: Elias Naur <elias.naur@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-02-01 22:08:47 +00:00
David Crawshaw
cf4527172c misc/ios: skip revoked certificates
Change-Id: If65e5e55b359a61740d2ef185147bb6df90e0b0c
Reviewed-on: https://go-review.googlesource.com/14654
Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
2015-09-17 16:25:20 +00:00
Burcu Dogan
032811e2ab misc/ios: document the external binary and the required env variables
Change-Id: I1ec2460758b19e5315be061033c1bb5ed9ead4a8
Reviewed-on: https://go-review.googlesource.com/9688
Reviewed-by: Minux Ma <minux@golang.org>
2015-06-09 22:09:52 +00:00
Josh Bleecher Snyder
2d0c962b1c misc/ios: read codesign info from environment variables
Use environment variables to allow set-and-forget.

Add a script to attempt to autodetect codesign info.

Change-Id: Ic56b9c5f097b1a4117ebb89c408bc333d91f581d
Reviewed-on: https://go-review.googlesource.com/8910
Reviewed-by: David Crawshaw <crawshaw@golang.org>
2015-04-15 00:00:10 +00:00