electrum: code signature invalid for running process

@marcomasser @ecdsa Hey! I did it! I created the PR for PyInstaller. It is here. https://github.com/pyinstaller/pyinstaller/pull/3991

Feel free to go into the PR conversation and lobby for it. Perhaps the squaky wheel gets more grease…

@ecdsa : Note this is against their 3.5 ‘develop’ branch. I want to also make this for our private use against the current release 3.4 branch, and package it into a .zip (along with my ‘AppleEvents’ changes that will allow Electrum to open URLs once it’s running – currently it can’t do that – URLs only work if Electrum wasn’t running!). So I will be doing this regardless for Electron Cash… let me know if you are interested and you can use the exact same PyInstaller.zip file in your Electrum project and it can be easily added to the make_osx script… I’ll let you know when that’s done.

Cool. When I do submit the PR I’ll let you know so you can go in there and lobby for it, ha.

Thanks! 😃

@cculianu: Got it, thanks for the explanation. Good to know this is rather generic.

As for the likelihood of such a change being merged: I can tell even less than you. But I would hope that this kind of thing would be something that they are interested in. Especially considering Apple‘s announcements that:

• The Hardened Runtime introduced in macOS Mojave kills apps whose code signature gets invalidated (as far as I understand).
• Notarized apps must use the Hardened Runtime.
• In the future, all Developer ID signed apps must be notarized.

In short: There will be a point in the future where PyInstall either must implement this or be only usable for developers who do not sign their code at all.

Don‘t get me wrong, I don‘t want to belittle your other pull request, but the impact of this seems greater than not being able to open URLs and accept drag&drop. Although a good Mac app should do these things properly, of course!

@cculianu: You rock! 🎉 I downloaded your build and everything checks out fine. According to codesign the code signature on disk is fine, the code signature of all dynamically linked libraries on disk in the temporary directory is fine, and the code signature of the running process is fine. As a result, Little Snitch shows that everything is as it should be.

In short: If your changes can be upstreamed into Electrum, I would consider this issue fixed.

@cculianu: 😀 Thank you so much for investing your time into this! If there’s anything I can help, just let me know.

Also, thanks again @tessus for bringing this to my attention!

@marcomasser — you are absolutely right on all fronts. You made me laugh: good point that this is much more critical that the other patch. (The other patch was also all C based which may be intimidating/time-consuming to review).

You’ve convinced me.

I’ll submit a patch to PyInstaller. Also thanks for the bullet point list. I’ll be sure to use that as arguments along with the PR write up to scare them to pay attention. Ha ha.

(also this patch is probably going to be tiny and 100% python so it stands a stronger shot on that front too).

Thanks!

I’m not familiar with PyInstaller, but I assumed that Electrum uses some kind of thing that allows it to be packaged up in such a way. Since it seems to use a bunch of libraries that are packaged up into a single file (the executable) I think it should be possible to sign those libraries before packaging them up. I’ll have a look at it and see if I can find anything.