diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 3f36b1d5..807d2a16 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -199,6 +199,7 @@ if(BUILD_GUI) if(APPLE) target_link_libraries(Zano ${COCOA_LIBRARY}) + set_property(TARGET Zano PROPERTY XCODE_ATTRIBUTE_ENABLE_HARDENED_RUNTIME YES) endif() if(MSVC) target_link_libraries(Zano shlwapi.lib) diff --git a/src/common/pre_download.h b/src/common/pre_download.h index 6ea723b0..e119d505 100644 --- a/src/common/pre_download.h +++ b/src/common/pre_download.h @@ -21,8 +21,8 @@ namespace tools }; #ifndef TESTNET - static constexpr pre_download_entry c_pre_download_mdbx = { "http://95.217.43.225/pre-download/zano_mdbx_95_1000000.pak", "6b0bbba85bc420eaae5ec68373e528f70bffaa17fb111c796e951d06ad71e4fe", 1104150892, 2147450880 }; - static constexpr pre_download_entry c_pre_download_lmdb = { "http://95.217.43.225/pre-download/zano_lmdb_95_1000000.pak", "b4d45c727dbf1b92671f9fd1a9624e79019e890bd3d33cb71e011ab4bcb0d21e", 1450748151, 2114449408 }; + static constexpr pre_download_entry c_pre_download_mdbx = { "http://95.217.42.247/pre-download/zano_mdbx_95_1161000.pak", "26660ffcdaf80a43a586e64a1a6da042dcb9ff3b58e14ce1ec9a775b995dc146", 1330022593, 2684313600 }; + static constexpr pre_download_entry c_pre_download_lmdb = { "http://95.217.42.247/pre-download/zano_lmdb_95_1161000.pak", "9dd03f08dea396fe32e6483a8221b292be35fa41c29748f119f11c3275956cdc", 1787475468, 2600247296 }; #else static constexpr pre_download_entry c_pre_download_mdbx = { "", "", 0, 0 }; static constexpr pre_download_entry c_pre_download_lmdb = { "", "", 0, 0 }; diff --git a/src/currency_core/checkpoints_create.h b/src/currency_core/checkpoints_create.h index ea87d78c..059d190e 100644 --- a/src/currency_core/checkpoints_create.h +++ b/src/currency_core/checkpoints_create.h @@ -17,13 +17,14 @@ namespace currency inline bool create_checkpoints(currency::checkpoints& checkpoints) { #ifdef TESTNET - //ADD_CHECKPOINT(50000, "492ef71f5d722a8a182d65eb0ff731b740e023a2d64881f43db9af7b39ba7988"); + #else // MAINNET - ADD_CHECKPOINT(425000, "46a6c36d5dec2d484d5e4845a8525ca322aafc06915ed9c8da2a241b51b7d1e8"); - ADD_CHECKPOINT(525000, "8c1ac57e67448130207a224b2d6e33ccdc64d6dd1c59dbcf9ad2361dc0d07d51"); - ADD_CHECKPOINT(600000, "d9fe316086e1aaea07d94082973ec764eff5fc5a05ed6e1eca273cee59daeeb4"); - ADD_CHECKPOINT(900000, "2205b73cd79d4937b087b02a8b001171b73c34464bc4a952834eaf7c2bd63e86"); + ADD_CHECKPOINT(425000, "46a6c36d5dec2d484d5e4845a8525ca322aafc06915ed9c8da2a241b51b7d1e8"); + ADD_CHECKPOINT(525000, "8c1ac57e67448130207a224b2d6e33ccdc64d6dd1c59dbcf9ad2361dc0d07d51"); + ADD_CHECKPOINT(600000, "d9fe316086e1aaea07d94082973ec764eff5fc5a05ed6e1eca273cee59daeeb4"); + ADD_CHECKPOINT(900000, "2205b73cd79d4937b087b02a8b001171b73c34464bc4a952834eaf7c2bd63e86"); + ADD_CHECKPOINT(1161000, "96990d851b484e30190678756ba2a4d3a2f92b987e2470728ac1e38b2bf35908"); #endif return true; diff --git a/src/version.h.in b/src/version.h.in index 2e088804..65a5944d 100644 --- a/src/version.h.in +++ b/src/version.h.in @@ -8,6 +8,6 @@ #define PROJECT_REVISION "0" #define PROJECT_VERSION PROJECT_MAJOR_VERSION "." PROJECT_MINOR_VERSION "." PROJECT_REVISION -#define PROJECT_VERSION_BUILD_NO 122 +#define PROJECT_VERSION_BUILD_NO 123 #define PROJECT_VERSION_BUILD_NO_STR STRINGIFY_EXPAND(PROJECT_VERSION_BUILD_NO) #define PROJECT_VERSION_LONG PROJECT_VERSION "." PROJECT_VERSION_BUILD_NO_STR "[" BUILD_COMMIT_ID "]" diff --git a/utils/build_script_mac_osx.sh b/utils/build_script_mac_osx.sh index b9b989db..bb70d5fc 100755 --- a/utils/build_script_mac_osx.sh +++ b/utils/build_script_mac_osx.sh @@ -1,4 +1,5 @@ -set -x #echo on +set -x # echo on +set +e # switch off exit on error curr_path=${BASH_SOURCE%/*} # check that all the required environment vars are set @@ -21,6 +22,11 @@ if [ "$testnet" == true ]; then ARCHIVE_NAME_PREFIX=${ARCHIVE_NAME_PREFIX}testnet- fi +######### DEBUG ########## +#cd "$ZANO_BUILD_DIR/release/src" +#rm *.dmg +#if false; then +##### end of DEBUG ###### rm -rf $ZANO_BUILD_DIR; mkdir -p "$ZANO_BUILD_DIR/release"; cd "$ZANO_BUILD_DIR/release" @@ -101,12 +107,13 @@ if [ $? -ne 0 ]; then exit 1 fi -codesign -s "Zano" --deep -vv -f Zano.app +codesign -s "Developer ID Application: Zano Limited" --timestamp --options runtime -f --entitlements ../../../utils/macos_entitlements.plist --deep ./Zano.app if [ $? -ne 0 ]; then - echo "Failed to sign application" + echo "Failed to sign Zano.app" exit 1 fi + read version_str <<< $(DYLD_LIBRARY_PATH=$ZANO_BOOST_LIBS_PATH ./connectivity_tool --version | awk '/^Zano/ { print $2 }') version_str=${version_str} echo $version_str @@ -125,6 +132,8 @@ if [ $? -ne 0 ]; then exit 1 fi +#fi + package_filename=${ARCHIVE_NAME_PREFIX}${version_str}.dmg source ../../../utils/macosx_dmg_builder.sh @@ -134,12 +143,11 @@ if [ $? -ne 0 ]; then exit 1 fi -cd ../../.. echo "Build success" echo "############### Uploading... ################" -package_filepath=$ZANO_BUILD_DIR/release/src/$package_filename +package_filepath=$package_filename scp $package_filepath zano_build_server:/var/www/html/builds/ if [ $? -ne 0 ]; then @@ -157,3 +165,58 @@ sha256: $checksum" echo "$mail_msg" echo "$mail_msg" | mail -s "Zano macOS-x64 ${build_prefix_label}${testnet_label}build $version_str" ${emails} + + +###################### +# notarization +###################### + +cd package_folder + +echo "Notarizing..." + +# creating archive for notarizing +echo "Creating archive for notarizing" +rm -f Zano.zip +/usr/bin/ditto -c -k --keepParent ./Zano.app ./Zano.zip + +tmpfile="tmptmptmp" +xcrun altool --notarize-app --primary-bundle-id "org.zano.desktop" -u "andrey@zano.org" -p "@keychain:Developer-altool" --file ./Zano.zip > $tmpfile 2>&1 +NOTARIZE_RES=$? +NOTARIZE_OUTPUT=$( cat $tmpfile ) +rm $tmpfile +echo "NOTARIZE_OUTPUT=$NOTARIZE_OUTPUT" +if [ $NOTARIZE_RES -ne 0 ]; then + echo "Notarization failed" + exit 1 +fi + +GUID=$(echo "$NOTARIZE_OUTPUT" | egrep -Ewo '[[:xdigit:]]{8}(-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}') +if [ ${#GUID} -ne 36 ]; then + echo "Couldn't get correct GUID from the response, got only \"$GUID\"" + exit 1 +fi + + +success=0 + +# check notarization status +for i in {1..10}; do + xcrun altool --notarization-info $GUID -u "andrey@zano.org" -p "@keychain:Developer-altool" > $tmpfile 2>&1 + NOTARIZE_OUTPUT=$( cat $tmpfile ) + rm $tmpfile + NOTARIZATION_LOG_URL=$(echo "$NOTARIZE_OUTPUT" | sed -n "s/.*LogFileURL\: \([[:graph:]]*\).*/\1/p") + if [ ${#NOTARIZATION_LOG_URL} -ge 30 ]; then + success=1 + curl -L $NOTARIZATION_LOG_URL + break + fi + sleep 60 +done + +if [ $success -ne 1 ]; then + echo "Build notarization failed" + exit 1 +fi + +echo "Notarization done" diff --git a/utils/build_script_windows.bat b/utils/build_script_windows.bat index d1adaf8e..a224b843 100644 --- a/utils/build_script_windows.bat +++ b/utils/build_script_windows.bat @@ -170,11 +170,11 @@ set installer_path=%BUILDS_PATH%\builds\%installer_file% @echo " SIGNING ...." -:: %ZANO_SIGN_CMD% %installer_path% -:: IF %ERRORLEVEL% NEQ 0 ( -:: @echo "failed to sign installer" -:: goto error -:: ) +%ZANO_SIGN_CMD% %installer_path% +IF %ERRORLEVEL% NEQ 0 ( + @echo "failed to sign installer" + goto error +) @echo " UPLOADING TO SERVER ...." diff --git a/utils/macos_entitlements.plist b/utils/macos_entitlements.plist new file mode 100644 index 00000000..68015469 --- /dev/null +++ b/utils/macos_entitlements.plist @@ -0,0 +1,8 @@ + + + + + com.apple.security.cs.disable-executable-page-protection + + + diff --git a/utils/macosx_dmg_builder.sh b/utils/macosx_dmg_builder.sh index 7defc9cc..4fb211f8 100644 --- a/utils/macosx_dmg_builder.sh +++ b/utils/macosx_dmg_builder.sh @@ -19,6 +19,7 @@ function build_fancy_dmg() # $1 - path to package folder, $2 - dmg output filena --icon Zano.app 112 115 \ --hide-extension Zano.app \ --app-drop-link 365 115 \ + --no-internet-enable \ $2 \ $1