Skip to content

Commit

Permalink
Drop support for Mac OS X versions unsupported by Rust
Browse files Browse the repository at this point in the history
  • Loading branch information
kornelski committed Jul 14, 2024
1 parent 32cac34 commit 817dbb1
Show file tree
Hide file tree
Showing 12 changed files with 5 additions and 29 deletions.
3 changes: 2 additions & 1 deletion security-framework-sys/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ core-foundation-sys = "0.8.3"
libc = "0.2.139"

[features]
default = ["OSX_10_11"]
default = ["OSX_10_12"]
# Always enabled. No-op.
OSX_10_9 = []
OSX_10_10 = ["OSX_10_9"]
OSX_10_11 = ["OSX_10_10"]
Expand Down
1 change: 0 additions & 1 deletion security-framework-sys/src/item.rs
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ extern "C" {
pub static kSecAttrKeyTypeRC2: CFStringRef;
#[cfg(target_os = "macos")]
pub static kSecAttrKeyTypeCAST: CFStringRef;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub static kSecAttrKeyTypeEC: CFStringRef;

pub static kSecAttrAccessGroup: CFStringRef;
Expand Down
4 changes: 0 additions & 4 deletions security-framework-sys/src/policy.rs
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
use core_foundation_sys::base::CFOptionFlags;
use core_foundation_sys::base::{Boolean, CFTypeID};
use core_foundation_sys::string::CFStringRef;

use crate::base::SecPolicyRef;

#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
mod revocation_flags {
use super::CFOptionFlags;

Expand All @@ -17,12 +15,10 @@ mod revocation_flags {
pub const kSecRevocationUseAnyAvailableMethod: CFOptionFlags = kSecRevocationOCSPMethod | kSecRevocationCRLMethod;
}

#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub use revocation_flags::*;

extern "C" {
pub fn SecPolicyCreateSSL(server: Boolean, hostname: CFStringRef) -> SecPolicyRef;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub fn SecPolicyCreateRevocation(revocationFlags: CFOptionFlags) -> SecPolicyRef;
pub fn SecPolicyGetTypeID() -> CFTypeID;
pub fn SecPolicyCreateBasicX509() -> SecPolicyRef;
Expand Down
2 changes: 0 additions & 2 deletions security-framework-sys/src/secure_transport.rs
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,7 @@ pub type SSLSessionOption = c_int;
pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0;
pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1;
pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4;
#[cfg(all(feature = "OSX_10_11", not(any(target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))))]
pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5;
Expand Down
3 changes: 0 additions & 3 deletions security-framework-sys/src/trust.rs
Original file line number Diff line number Diff line change
Expand Up @@ -65,11 +65,8 @@ extern "C" {
pub fn SecTrustSetPolicies(trust: SecTrustRef, policies: CFTypeRef) -> OSStatus;
#[cfg(target_os = "macos")]
pub fn SecTrustSetOptions(trust: SecTrustRef, options: SecTrustOptionFlags) -> OSStatus;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub fn SecTrustGetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: *mut Boolean) -> OSStatus;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub fn SecTrustSetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: Boolean) -> OSStatus;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub fn SecTrustSetOCSPResponse(trust: SecTrustRef, responseData: CFTypeRef) -> OSStatus;
#[cfg(any(feature = "OSX_10_14", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub fn SecTrustSetSignedCertificateTimestamps(
Expand Down
2 changes: 1 addition & 1 deletion security-framework/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ time = "0.3.17"
tempfile = "3.3.0"

[features]
default = ["OSX_10_11"]
default = ["OSX_10_12"]
alpn = []
session-tickets = []
job-bless = []
Expand Down
1 change: 0 additions & 1 deletion security-framework/src/key.rs
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,6 @@ impl KeyType {
unsafe { Self(kSecAttrKeyTypeCAST) }
}

#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
#[inline(always)]
#[must_use]
pub fn ec() -> Self {
Expand Down
5 changes: 0 additions & 5 deletions security-framework/src/policy.rs
Original file line number Diff line number Diff line change
@@ -1,17 +1,14 @@
//! Security Policies support.
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
use core_foundation::base::CFOptionFlags;
use core_foundation::base::TCFType;
use core_foundation::string::CFString;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
use security_framework_sys::base::errSecParam;
use security_framework_sys::base::SecPolicyRef;
use security_framework_sys::policy::*;
use std::fmt;
use std::ptr;

use crate::secure_transport::SslProtocolSide;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
use crate::Error;

declare_TCFType! {
Expand All @@ -30,7 +27,6 @@ impl fmt::Debug for SecPolicy {
}
}

#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
bitflags::bitflags! {
/// The flags used to specify revocation policy options.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
Expand Down Expand Up @@ -68,7 +64,6 @@ impl SecPolicy {
}
}

#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
/// Creates a `SecPolicy` for checking revocation of certificates.
///
/// If you do not specify this policy creating a `SecTrust` object, the system defaults
Expand Down
4 changes: 0 additions & 4 deletions security-framework/src/secure_transport.rs
Original file line number Diff line number Diff line change
Expand Up @@ -843,14 +843,10 @@ impl SslContext {
/// If enabled, TLS false start will be performed if an appropriate
/// cipher suite is negotiated.
///
/// Requires the `OSX_10_9` (or greater) feature.
#[cfg(feature = "OSX_10_9")]
const kSSLSessionOptionFalseStart: false_start & set_false_start,
/// If enabled, 1/n-1 record splitting will be enabled for TLS 1.0
/// connections using block ciphers to mitigate the BEAST attack.
///
/// Requires the `OSX_10_9` (or greater) feature.
#[cfg(feature = "OSX_10_9")]
const kSSLSessionOptionSendOneByteRecord: send_one_byte_record & set_send_one_byte_record,
}

Expand Down
4 changes: 0 additions & 4 deletions security-framework/src/trust.rs
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ use core_foundation::array::CFArray;
#[cfg(target_os = "macos")]
use core_foundation::array::CFArrayRef;
use core_foundation::base::TCFType;
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
use core_foundation::data::CFData;
use core_foundation::date::CFDate;
use core_foundation_sys::base::{Boolean, CFIndex};
Expand Down Expand Up @@ -165,7 +164,6 @@ impl SecTrust {

/// Indicates whether this trust object is permitted to
/// fetch missing intermediate certificates from the network.
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub fn get_network_fetch_allowed(&mut self) -> Result<bool> {
let mut allowed = 0;

Expand All @@ -176,15 +174,13 @@ impl SecTrust {

/// Specifies whether this trust object is permitted to
/// fetch missing intermediate certificates from the network.
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
#[inline]
pub fn set_network_fetch_allowed(&mut self, allowed: bool) -> Result<()> {
unsafe { cvt(SecTrustSetNetworkFetchAllowed(self.0, allowed as u8)) }
}

/// Attaches Online Certificate Status Protocol (OSCP) response data
/// to this trust object.
#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
pub fn set_trust_ocsp_response<I: Iterator<Item = impl AsRef<[u8]>>>(
&mut self,
ocsp_response: I,
Expand Down
4 changes: 2 additions & 2 deletions systest/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ libc = "0.2.139"
ctest2 = "0.4.7"

[features]
OSX_10_9 = ["security-framework-sys/OSX_10_9"]
OSX_10_10 = ["OSX_10_9", "security-framework-sys/OSX_10_10"]
default = ["security-framework-sys/OSX_10_9"]
OSX_10_10 = ["security-framework-sys/OSX_10_10"]
OSX_10_11 = ["OSX_10_10", "security-framework-sys/OSX_10_11"]
OSX_10_12 = ["OSX_10_11", "security-framework-sys/OSX_10_12"]
OSX_10_13 = ["OSX_10_12", "security-framework-sys/OSX_10_13"]
Expand Down
1 change: 0 additions & 1 deletion systest/build.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ use std::env;
fn main() {
let mut test = ctest2::TestGenerator::new();

#[cfg(feature = "OSX_10_9")]
test.cfg("feature", Some("OSX_10_9"));
#[cfg(feature = "OSX_10_10")]
test.cfg("feature", Some("OSX_10_10"));
Expand Down

0 comments on commit 817dbb1

Please sign in to comment.