diff --git a/security-framework-sys/Cargo.toml b/security-framework-sys/Cargo.toml index 27c445bb..8ac236c6 100644 --- a/security-framework-sys/Cargo.toml +++ b/security-framework-sys/Cargo.toml @@ -16,7 +16,8 @@ core-foundation-sys = "0.8.3" libc = "0.2.139" [features] -default = ["OSX_10_11"] +default = ["OSX_10_12"] +# Always enabled. No-op. OSX_10_9 = [] OSX_10_10 = ["OSX_10_9"] OSX_10_11 = ["OSX_10_10"] diff --git a/security-framework-sys/src/item.rs b/security-framework-sys/src/item.rs index 6ffb1ac3..5faa121e 100644 --- a/security-framework-sys/src/item.rs +++ b/security-framework-sys/src/item.rs @@ -62,7 +62,6 @@ extern "C" { pub static kSecAttrKeyTypeRC2: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyTypeCAST: CFStringRef; - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub static kSecAttrKeyTypeEC: CFStringRef; pub static kSecAttrAccessGroup: CFStringRef; diff --git a/security-framework-sys/src/policy.rs b/security-framework-sys/src/policy.rs index 5f707275..b30fa72f 100644 --- a/security-framework-sys/src/policy.rs +++ b/security-framework-sys/src/policy.rs @@ -1,11 +1,9 @@ -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] use core_foundation_sys::base::CFOptionFlags; use core_foundation_sys::base::{Boolean, CFTypeID}; use core_foundation_sys::string::CFStringRef; use crate::base::SecPolicyRef; -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] mod revocation_flags { use super::CFOptionFlags; @@ -17,12 +15,10 @@ mod revocation_flags { pub const kSecRevocationUseAnyAvailableMethod: CFOptionFlags = kSecRevocationOCSPMethod | kSecRevocationCRLMethod; } -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub use revocation_flags::*; extern "C" { pub fn SecPolicyCreateSSL(server: Boolean, hostname: CFStringRef) -> SecPolicyRef; - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub fn SecPolicyCreateRevocation(revocationFlags: CFOptionFlags) -> SecPolicyRef; pub fn SecPolicyGetTypeID() -> CFTypeID; pub fn SecPolicyCreateBasicX509() -> SecPolicyRef; diff --git a/security-framework-sys/src/secure_transport.rs b/security-framework-sys/src/secure_transport.rs index ab46acf5..cb29b1c0 100644 --- a/security-framework-sys/src/secure_transport.rs +++ b/security-framework-sys/src/secure_transport.rs @@ -30,9 +30,7 @@ pub type SSLSessionOption = c_int; pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0; pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1; pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2; -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3; -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4; #[cfg(all(feature = "OSX_10_11", not(any(target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))))] pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5; diff --git a/security-framework-sys/src/trust.rs b/security-framework-sys/src/trust.rs index 793a581a..363e1eec 100644 --- a/security-framework-sys/src/trust.rs +++ b/security-framework-sys/src/trust.rs @@ -65,11 +65,8 @@ extern "C" { pub fn SecTrustSetPolicies(trust: SecTrustRef, policies: CFTypeRef) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecTrustSetOptions(trust: SecTrustRef, options: SecTrustOptionFlags) -> OSStatus; - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub fn SecTrustGetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: *mut Boolean) -> OSStatus; - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub fn SecTrustSetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: Boolean) -> OSStatus; - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub fn SecTrustSetOCSPResponse(trust: SecTrustRef, responseData: CFTypeRef) -> OSStatus; #[cfg(any(feature = "OSX_10_14", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub fn SecTrustSetSignedCertificateTimestamps( diff --git a/security-framework/Cargo.toml b/security-framework/Cargo.toml index f9dc6116..37be2796 100644 --- a/security-framework/Cargo.toml +++ b/security-framework/Cargo.toml @@ -31,7 +31,7 @@ time = "0.3.17" tempfile = "3.3.0" [features] -default = ["OSX_10_11"] +default = ["OSX_10_12"] alpn = [] session-tickets = [] job-bless = [] diff --git a/security-framework/src/key.rs b/security-framework/src/key.rs index 342a61c9..a244de8c 100644 --- a/security-framework/src/key.rs +++ b/security-framework/src/key.rs @@ -108,7 +108,6 @@ impl KeyType { unsafe { Self(kSecAttrKeyTypeCAST) } } - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] #[inline(always)] #[must_use] pub fn ec() -> Self { diff --git a/security-framework/src/policy.rs b/security-framework/src/policy.rs index af172d99..f70a97c5 100644 --- a/security-framework/src/policy.rs +++ b/security-framework/src/policy.rs @@ -1,9 +1,7 @@ //! Security Policies support. -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] use core_foundation::base::CFOptionFlags; use core_foundation::base::TCFType; use core_foundation::string::CFString; -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] use security_framework_sys::base::errSecParam; use security_framework_sys::base::SecPolicyRef; use security_framework_sys::policy::*; @@ -11,7 +9,6 @@ use std::fmt; use std::ptr; use crate::secure_transport::SslProtocolSide; -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] use crate::Error; declare_TCFType! { @@ -30,7 +27,6 @@ impl fmt::Debug for SecPolicy { } } -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] bitflags::bitflags! { /// The flags used to specify revocation policy options. #[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] @@ -68,7 +64,6 @@ impl SecPolicy { } } - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] /// Creates a `SecPolicy` for checking revocation of certificates. /// /// If you do not specify this policy creating a `SecTrust` object, the system defaults diff --git a/security-framework/src/secure_transport.rs b/security-framework/src/secure_transport.rs index 8fd45c8b..a4e7cb7f 100644 --- a/security-framework/src/secure_transport.rs +++ b/security-framework/src/secure_transport.rs @@ -843,14 +843,10 @@ impl SslContext { /// If enabled, TLS false start will be performed if an appropriate /// cipher suite is negotiated. /// - /// Requires the `OSX_10_9` (or greater) feature. - #[cfg(feature = "OSX_10_9")] const kSSLSessionOptionFalseStart: false_start & set_false_start, /// If enabled, 1/n-1 record splitting will be enabled for TLS 1.0 /// connections using block ciphers to mitigate the BEAST attack. /// - /// Requires the `OSX_10_9` (or greater) feature. - #[cfg(feature = "OSX_10_9")] const kSSLSessionOptionSendOneByteRecord: send_one_byte_record & set_send_one_byte_record, } diff --git a/security-framework/src/trust.rs b/security-framework/src/trust.rs index 7ac46252..79181d9f 100644 --- a/security-framework/src/trust.rs +++ b/security-framework/src/trust.rs @@ -4,7 +4,6 @@ use core_foundation::array::CFArray; #[cfg(target_os = "macos")] use core_foundation::array::CFArrayRef; use core_foundation::base::TCFType; -#[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] use core_foundation::data::CFData; use core_foundation::date::CFDate; use core_foundation_sys::base::{Boolean, CFIndex}; @@ -165,7 +164,6 @@ impl SecTrust { /// Indicates whether this trust object is permitted to /// fetch missing intermediate certificates from the network. - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub fn get_network_fetch_allowed(&mut self) -> Result { let mut allowed = 0; @@ -176,7 +174,6 @@ impl SecTrust { /// Specifies whether this trust object is permitted to /// fetch missing intermediate certificates from the network. - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] #[inline] pub fn set_network_fetch_allowed(&mut self, allowed: bool) -> Result<()> { unsafe { cvt(SecTrustSetNetworkFetchAllowed(self.0, allowed as u8)) } @@ -184,7 +181,6 @@ impl SecTrust { /// Attaches Online Certificate Status Protocol (OSCP) response data /// to this trust object. - #[cfg(any(feature = "OSX_10_9", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))] pub fn set_trust_ocsp_response>>( &mut self, ocsp_response: I, diff --git a/systest/Cargo.toml b/systest/Cargo.toml index d432a699..80827db7 100644 --- a/systest/Cargo.toml +++ b/systest/Cargo.toml @@ -14,8 +14,8 @@ libc = "0.2.139" ctest2 = "0.4.7" [features] -OSX_10_9 = ["security-framework-sys/OSX_10_9"] -OSX_10_10 = ["OSX_10_9", "security-framework-sys/OSX_10_10"] +default = ["security-framework-sys/OSX_10_9"] +OSX_10_10 = ["security-framework-sys/OSX_10_10"] OSX_10_11 = ["OSX_10_10", "security-framework-sys/OSX_10_11"] OSX_10_12 = ["OSX_10_11", "security-framework-sys/OSX_10_12"] OSX_10_13 = ["OSX_10_12", "security-framework-sys/OSX_10_13"] diff --git a/systest/build.rs b/systest/build.rs index 225fbae5..e8797515 100644 --- a/systest/build.rs +++ b/systest/build.rs @@ -3,7 +3,6 @@ use std::env; fn main() { let mut test = ctest2::TestGenerator::new(); - #[cfg(feature = "OSX_10_9")] test.cfg("feature", Some("OSX_10_9")); #[cfg(feature = "OSX_10_10")] test.cfg("feature", Some("OSX_10_10"));