Commit 1a071711 authored by David Fuhrmann's avatar David Fuhrmann

contrib: gnutls: Drop mac keychain lookup patch

Similar code is now part of the release itself, therefore this
patch is not needed anymore.
parent 38c1add4
--- gnutls-old/lib/Makefile.am
+++ gnutls/lib/Makefile.am
@@ -206,6 +206,10 @@
thirdparty_libadd += -lcrypt32
endif
+if MACOSX
+libgnutls_la_LDFLAGS += -Wl,-framework,Security,-framework,CoreFoundation
+endif
+
libgnutls_la_LIBADD += $(thirdparty_libadd)
# C++ library
--- gnutls-old/lib/system/certs.c
+++ gnutls/lib/system/certs.c
@@ -270,6 +270,43 @@
return r;
}
+
+#elif defined(__APPLE__) && TARGET_OS_MAC
+
+#include "TargetConditionals.h"
+#define _UINT64
+#include <Security/Security.h>
+#include <Security/SecCertificate.h>
+
+static
+int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags, unsigned int tl_vflags)
+{
+ CFArrayRef anchors;
+ int ret = 0;
+ if (SecTrustCopyAnchorCertificates(&anchors) != 0)
+ return -1;
+
+ CFIndex count = CFArrayGetCount(anchors);
+ for (int i = 0; i < count; i++) {
+ SecCertificateRef certref = (SecCertificateRef)CFArrayGetValueAtIndex(anchors, i);
+
+ CSSM_DATA certData;
+ SecCertificateGetData(certref, &certData);
+ gnutls_datum data = {
+ .data = certData.Data,
+ .size = certData.Length,
+ };
+
+ if (!gnutls_x509_trust_list_add_trust_mem(list, &data, NULL, GNUTLS_X509_FMT_DER, tl_flags, tl_vflags))
+ printf("cannot add x509 credentials\n");
+ else
+ ret++;
+ }
+ CFRelease(anchors);
+
+ return ret;
+}
+
#else
#define add_system_trust(x,y,z) GNUTLS_E_UNIMPLEMENTED_FEATURE
......@@ -33,7 +33,6 @@ ifdef HAVE_ANDROID
endif
$(APPLY) $(SRC)/gnutls/read-file-limits.h.patch
ifdef HAVE_MACOSX
$(APPLY) $(SRC)/gnutls/mac-keychain-lookup.patch
$(APPLY) $(SRC)/gnutls/gnutls-pkgconfig-osx.patch
$(APPLY) $(SRC)/gnutls/gnutls-disable-getentropy-osx.patch
$(APPLY) $(SRC)/gnutls/gnutls-disable-connectx-macos.patch
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment