From b40969b45ce45af90b86b7eb899674141ad5e909 Mon Sep 17 00:00:00 2001
From: Brian Clifton <brian@clifton.me>
Date: Mon, 29 Jul 2019 19:36:03 -0700
Subject: [PATCH] Manually revert parts of
 https://chromium.googlesource.com/chromium/src/+/4aa3a22f4387

This option works great for Chrome because they bundle Widevine. Since we don't (we fetch using component updater), the TeamID doesn't match which causes the Library check to fail.

Above commit is part of the larger commit which was rolled up in:
https://chromium.googlesource.com/chromium/src/+/194826d6f8a3a0d932e18ed0f5452fd5c488e490%5E%21/#F29

Fixes https://github.com/brave/brave-browser/issues/5433
---
 ...rome-installer-mac-signing-signing.py.patch | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/patches/chrome-installer-mac-signing-signing.py.patch b/patches/chrome-installer-mac-signing-signing.py.patch
index 55eed536cf3b..cff49e01c46b 100644
--- a/patches/chrome-installer-mac-signing-signing.py.patch
+++ b/patches/chrome-installer-mac-signing-signing.py.patch
@@ -1,5 +1,5 @@
 diff --git a/chrome/installer/mac/signing/signing.py b/chrome/installer/mac/signing/signing.py
-index de69f7ba6cca5729ab83ff076211be36354d0f60..63791734d49a77999e446f1083f137e910fbdd8b 100644
+index de69f7ba6cca5729ab83ff076211be36354d0f60..875803bff951845a97cb771d445b272113a5ed91 100644
 --- a/chrome/installer/mac/signing/signing.py
 +++ b/chrome/installer/mac/signing/signing.py
 @@ -11,6 +11,7 @@ import os.path
@@ -10,7 +10,17 @@ index de69f7ba6cca5729ab83ff076211be36354d0f60..63791734d49a77999e446f1083f137e9
  
  _PROVISIONPROFILE_EXT = '.provisionprofile'
  _PROVISIONPROFILE_DEST = 'embedded.provisionprofile'
-@@ -124,6 +125,7 @@ def get_parts(config):
+@@ -76,7 +77,8 @@ def get_parts(config):
+                 '{0.framework_dir}/Helpers/{0.product} Helper.app'.format(
+                     config),
+                 '{}.helper'.format(uncustomized_bundle_id),
+-                options=full_hardened_runtime_options,
++                options=CodeSignOptions.RESTRICT + CodeSignOptions.KILL +
++                CodeSignOptions.HARDENED_RUNTIME,
+                 verify_options=VerifyOptions.DEEP),
+         'helper-renderer-app':
+             CodeSignedProduct(
+@@ -124,6 +126,7 @@ def get_parts(config):
              library_basename.replace('.dylib', ''),
              verify_options=VerifyOptions.DEEP)
  
@@ -18,7 +28,7 @@ index de69f7ba6cca5729ab83ff076211be36354d0f60..63791734d49a77999e446f1083f137e9
      return parts
  
  
-@@ -168,7 +170,7 @@ def sign_part(paths, config, part):
+@@ -168,7 +171,7 @@ def sign_part(paths, config, part):
          part: The |model.CodeSignedProduct| to sign. The product's |path| must
              be in |paths.work|.
      """
@@ -27,7 +37,7 @@ index de69f7ba6cca5729ab83ff076211be36354d0f60..63791734d49a77999e446f1083f137e9
      if config.notary_user:
          # Assume if the config has notary authentication information that the
          # products will be notarized, which requires a secure timestamp.
-@@ -260,6 +262,7 @@ def sign_chrome(paths, config, sign_framework=False):
+@@ -260,6 +263,7 @@ def sign_chrome(paths, config, sign_framework=False):
                  continue
              sign_part(paths, config, part)