Fix trivial deprecations

We should use SecTrustCopyCertificateChain and then access the CFArray instead of using the deprecated SecTrustGetCertificateCount

Use xpc_connection_send_message_with_reply_sync instead of xpc_connection_send_message_with_reply.

This also gives us the added benefit of not risking priority inversion, since xpc_connection_send_message_with_reply_sync takes care of that already.

Finally, use RtlGetVersion instead of deprecated GetVersionExA.

diff --git a/backend/ipp.c b/backend/ipp.c
index 5bbc8cd22f2a87f7304a58beeb61cfedcde8641f..d260692c5dc969dcc6d70d6fdc73c66d09ab7b23 100644 (file)
--- a/backend/ipp.c
+++ b/backend/ipp.c
@@ -3248,7 +3248,6 @@ run_as_user(char       *argv[],           /* I - Command-line arguments */
   xpc_connection_t     conn;           /* Connection to XPC service */
   xpc_object_t         request;        /* Request message dictionary */
   __block xpc_object_t response;       /* Response message dictionary */
-  dispatch_semaphore_t sem;            /* Semaphore for waiting for response */
   int                  status = CUPS_BACKEND_FAILED;
                                        /* Status of request */
 
@@ -3315,24 +3314,9 @@ run_as_user(char       *argv[],          /* I - Command-line arguments */
   xpc_dictionary_set_fd(request, "stderr", 2);
   xpc_dictionary_set_fd(request, "side-channel", CUPS_SC_FD);
 
-  sem      = dispatch_semaphore_create(0);
-  response = NULL;
+  response = xpc_connection_send_message_with_reply_sync(conn, request);
 
-  xpc_connection_send_message_with_reply(conn, request,
-                                         dispatch_get_global_queue(0,0),
-                                        ^(xpc_object_t reply)
-                                        {
-                                          /* Save the response and wake up */
-                                          if (xpc_get_type(reply)
-                                                  == XPC_TYPE_DICTIONARY)
-                                            response = xpc_retain(reply);
-
-                                          dispatch_semaphore_signal(sem);
-                                        });
-
-  dispatch_semaphore_wait(sem, DISPATCH_TIME_FOREVER);
   xpc_release(request);
-  dispatch_release(sem);
 
   if (response)
   {
@@ -3366,24 +3350,8 @@ run_as_user(char       *argv[],          /* I - Command-line arguments */
   xpc_dictionary_set_int64(request, "command", kPMWaitForJob);
   xpc_dictionary_set_fd(request, "stderr", 2);
 
-  sem      = dispatch_semaphore_create(0);
-  response = NULL;
-
-  xpc_connection_send_message_with_reply(conn, request,
-                                         dispatch_get_global_queue(0,0),
-                                        ^(xpc_object_t reply)
-                                        {
-                                          /* Save the response and wake up */
-                                          if (xpc_get_type(reply)
-                                                  == XPC_TYPE_DICTIONARY)
-                                            response = xpc_retain(reply);
-
-                                          dispatch_semaphore_signal(sem);
-                                        });
-
-  dispatch_semaphore_wait(sem, DISPATCH_TIME_FOREVER);
+  response = xpc_connection_send_message_with_reply_sync(conn, request);
   xpc_release(request);
-  dispatch_release(sem);
 
   if (response)
   {

diff --git a/cups/tls-darwin.c b/cups/tls-darwin.c
index 6caf548e0512297285da876db9c190eb2c514426..666dbc429194ced7d4dbb4318e2c5be8bf5ccda8 100644 (file)
--- a/cups/tls-darwin.c
+++ b/cups/tls-darwin.c
@@ -429,10 +429,7 @@ httpCopyCredentials(
 {
   OSStatus             error;          /* Error code */
   SecTrustRef          peerTrust;      /* Peer trust reference */
-  CFIndex              count;          /* Number of credentials */
-  SecCertificateRef    secCert;        /* Certificate reference */
   CFDataRef            data;           /* Certificate data */
-  int                  i;              /* Looping var */
 
 
   DEBUG_printf(("httpCopyCredentials(http=%p, credentials=%p)", (void *)http, (void *)credentials));
@@ -445,15 +442,16 @@ httpCopyCredentials(
 
   if (!(error = SSLCopyPeerTrust(http->tls, &peerTrust)) && peerTrust)
   {
-    DEBUG_printf(("2httpCopyCredentials: Peer provided %d certificates.", (int)SecTrustGetCertificateCount(peerTrust)));
-
     if ((*credentials = cupsArrayNew(NULL, NULL)) != NULL)
     {
-      count = SecTrustGetCertificateCount(peerTrust);
+      CFArrayRef secArray = SecTrustCopyCertificateChain(peerTrust);
+      CFIndex i, count = CFArrayGetCount(secArray);
 
+      DEBUG_printf(("2httpCopyCredentials: Peer provided %ld certificates.", (long)count));
+      
       for (i = 0; i < count; i ++)
       {
-       secCert = SecTrustGetCertificateAtIndex(peerTrust, i);
+    const SecCertificateRef secCert = CFArrayGetValueAtIndex(secArray, i);
 
 #ifdef DEBUG
         CFStringRef cf_name = SecCertificateCopySubjectSummary(secCert);
@@ -463,17 +461,18 @@ httpCopyCredentials(
        else
          strlcpy(name, "unknown", sizeof(name));
 
-       DEBUG_printf(("2httpCopyCredentials: Certificate %d name is \"%s\".", i, name));
+       DEBUG_printf(("2httpCopyCredentials: Certificate %ld name is \"%s\".", (long)i, name));
 #endif /* DEBUG */
 
        if ((data = SecCertificateCopyData(secCert)) != NULL)
        {
-         DEBUG_printf(("2httpCopyCredentials: Adding %d byte certificate blob.", (int)CFDataGetLength(data)));
+         DEBUG_printf(("2httpCopyCredentials: Adding %ld byte certificate blob.", (long)CFDataGetLength(data)));
 
          httpAddCredential(*credentials, CFDataGetBytePtr(data), (size_t)CFDataGetLength(data));
          CFRelease(data);
        }
       }
+      CFRelease(secArray);
     }
 
     CFRelease(peerTrust);

diff --git a/cups/usersys.c b/cups/usersys.c
index 48ef1f6ac363be654bfccee0c07be19ef9b5a0da..bcab46c7e73e65a6920d891846eff0c339a2be10 100644 (file)
--- a/cups/usersys.c
+++ b/cups/usersys.c
@@ -593,8 +593,19 @@ cupsSetUserAgent(const char *user_agent)/* I - User-Agent string or @code NULL@
   * Gather Windows version information for the User-Agent string...
   */
 
-  version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
-  GetVersionExA(&version);
+  typedef LONG NTSTATUS, *PNTSTATUS;
+  typedef NTSTATUS(WINAPI * RtlGetVersionPtr)(PRTL_OSVERSIONINFOW);
+
+  RtlGetVersionPtr RtlGetVersionInternal = (RtlGetVersionPtr)GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "RtlGetVersion");
+  if (RtlGetVersionInternal)
+  {
+    version.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
+    RtlGetVersionInternal((PRTL_OSVERSIONINFOW)&version);
+  }
+  else
+  {
+    ZeroMemory(&version, sizeof(version));
+  }
   GetNativeSystemInfo(&sysinfo);
 
   switch (sysinfo.wProcessorArchitecture)

diff --git a/scheduler/sysman.c b/scheduler/sysman.c
index b1b5e003d4c00f1b6bd12c1f36a92ecaa91b0679..c66964a81d78f0afa0bb4f927000ab03691e4b0d 100644 (file)
--- a/scheduler/sysman.c
+++ b/scheduler/sysman.c
@@ -538,7 +538,7 @@ sysEventThreadEntry(void)
   * this later.
   */
 
-  bzero(&timerContext, sizeof(timerContext));
+  memset(&timerContext, 0, sizeof(timerContext));
   timerContext.info = &threadData;
 
   threadData.timerRef =