Tests failing on OSX
Ken Thomases
ken at codeweavers.com
Wed Sep 21 06:45:08 CDT 2011
On Sep 21, 2011, at 5:59 AM, Francois Gouget wrote:
> On Wed, 21 Sep 2011, Ken Thomases wrote:
>
>> Anyway, the application firewall is based on code-signing. The user's
>> permission to allow a program to accept incoming connections is tied
>> to the program's signature.
> [...]
>> Since regularly testing Wine entails constantly rebuilding it, the
>> signature never survives for long and the system asks for permission
>> with every new build.
>
> Exactly. So should the application firewall be causing trouble, the only
> solution would be to disable it :-( I guess there's no way to
> automatically authorize / sign the application?
You can, but it requires a digital certificate. I don't know if a self-signed certificate can be used. I think they can to a certain extent. A program signed with a self-signed certificate will allow for the application firewall to recognize it as the same program which was previously granted permission by the user. It would require a certificate traceable to a trusted root certificate for the application firewall to _implicitly_ trust the program and not require even the initial permission from the user.
The command-line tool to do the code-signing is "codesign". There's a man page, of course, and also Apple's documentation:
https://developer.apple.com/library/mac/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
-Ken
More information about the wine-devel
mailing list