From ffbf1e61ffbb56b95018ef4301e4ddb230b88468 Mon Sep 17 00:00:00 2001 From: Michael R Sweet Date: Tue, 22 Jan 2019 12:38:24 -0500 Subject: [PATCH] Fix some build issues with the "core" component selection (rdar://47394086) - Availability macros were incorrect. - Some driver headers/definitions were installed even when the core library does not contain them. - Fix up the macOS/iOS detection of keychain/API availability - just need to use the TARGET_OS_xxx macros instead. - When installing private headers, install config.h so that the private headers actually work. --- Makedefs.in | 2 + config-scripts/cups-common.m4 | 7 ++++ config-scripts/cups-ssl.m4 | 9 +--- config.h.in | 21 ---------- configure | 19 ++++----- cups/Makefile | 27 ++++++++---- cups/cups.h | 11 ++--- cups/http-private.h | 3 -- cups/ppd-private.h | 3 +- cups/raster-private.h | 3 +- cups/sidechannel.h | 20 +++++++-- cups/tls-darwin.c | 79 ++++++++++++++++++----------------- cups/versioning.h | 16 +++---- xcode/config.h | 25 ----------- 14 files changed, 110 insertions(+), 135 deletions(-) diff --git a/Makedefs.in b/Makedefs.in index f96a5e9bf..8bb06608d 100644 --- a/Makedefs.in +++ b/Makedefs.in @@ -96,6 +96,8 @@ LIBCUPSIMAGE = @LIBCUPSIMAGE@ LIBCUPSOBJS = @LIBCUPSOBJS@ LIBCUPSSTATIC = @LIBCUPSSTATIC@ LIBGSSAPI = @LIBGSSAPI@ +LIBHEADERS = @LIBHEADERS@ +LIBHEADERSPRIV = @LIBHEADERSPRIV@ LIBMALLOC = @LIBMALLOC@ LIBMXML = @LIBMXML@ LIBPAPER = @LIBPAPER@ diff --git a/config-scripts/cups-common.m4 b/config-scripts/cups-common.m4 index d0d0d90d3..27dc33436 100644 --- a/config-scripts/cups-common.m4 +++ b/config-scripts/cups-common.m4 @@ -440,6 +440,9 @@ AC_ARG_WITH(components, [ --with-components set components to build: cupsimagebase="cupsimage" LIBCUPSOBJS="\$(COREOBJS) \$(DRIVEROBJS)" +LIBHEADERS="\$(COREHEADERS) \$(DRIVERHEADERS)" +LIBHEADERSPRIV="\$(COREHEADERSPRIV) \$(DRIVERHEADERSPRIV)" + case "$COMPONENTS" in all) BUILDDIRS="test filter backend berkeley cgi-bin monitor notifier ppdc scheduler systemv conf data desktop locale man doc examples templates" @@ -458,6 +461,8 @@ case "$COMPONENTS" in BUILDDIRS="locale" cupsimagebase="" LIBCUPSOBJS="\$(COREOBJS)" + LIBHEADERS="\$(COREHEADERS)" + LIBHEADERSPRIV="\$(COREHEADERSPRIV)" ;; *) @@ -467,3 +472,5 @@ esac AC_SUBST(BUILDDIRS) AC_SUBST(LIBCUPSOBJS) +AC_SUBST(LIBHEADERS) +AC_SUBST(LIBHEADERSPRIV) diff --git a/config-scripts/cups-ssl.m4 b/config-scripts/cups-ssl.m4 index 957e0b08a..8446e3d15 100644 --- a/config-scripts/cups-ssl.m4 +++ b/config-scripts/cups-ssl.m4 @@ -43,14 +43,7 @@ if test x$enable_ssl != xno; then AC_CHECK_HEADER(Security/SecBasePriv.h, AC_DEFINE(HAVE_SECBASEPRIV_H)) AC_CHECK_HEADER(Security/SecIdentitySearchPriv.h, - AC_DEFINE(HAVE_SECIDENTITYSEARCHPRIV_H)) - - AC_DEFINE(HAVE_CSSMERRORSTRING) - AC_DEFINE(HAVE_SECKEYCHAINOPEN)]) - - if test $host_os_version -ge 150; then - AC_DEFINE(HAVE_SSLSETENABLEDCIPHERS) - fi + AC_DEFINE(HAVE_SECIDENTITYSEARCHPRIV_H))]) fi fi diff --git a/config.h.in b/config.h.in index b71af0ede..4323e5ea7 100644 --- a/config.h.in +++ b/config.h.in @@ -328,13 +328,6 @@ #undef HAVE_SECURETRANSPORTPRIV_H -/* - * Do we have the cssmErrorString function? - */ - -#undef HAVE_CSSMERRORSTRING - - /* * Do we have the SecGenerateSelfSignedCertificate function? */ @@ -342,20 +335,6 @@ #undef HAVE_SECGENERATESELFSIGNEDCERTIFICATE -/* - * Do we have the SecKeychainOpen function? - */ - -#undef HAVE_SECKEYCHAINOPEN - - -/* - * Do we have (a working) SSLSetEnabledCiphers function? - */ - -#undef HAVE_SSLSETENABLEDCIPHERS - - /* * Do we have libpaper? */ diff --git a/configure b/configure index 626d78a77..7fb26fd18 100755 --- a/configure +++ b/configure @@ -717,6 +717,8 @@ CUPS_DATADIR CUPS_CACHEDIR PRIVATEINCLUDE privateinclude +LIBHEADERSPRIV +LIBHEADERS LIBCUPSOBJS BUILDDIRS INSTALLXPC @@ -6106,6 +6108,9 @@ fi cupsimagebase="cupsimage" LIBCUPSOBJS="\$(COREOBJS) \$(DRIVEROBJS)" +LIBHEADERS="\$(COREHEADERS) \$(DRIVERHEADERS)" +LIBHEADERSPRIV="\$(COREHEADERSPRIV) \$(DRIVERHEADERSPRIV)" + case "$COMPONENTS" in all) BUILDDIRS="test filter backend berkeley cgi-bin monitor notifier ppdc scheduler systemv conf data desktop locale man doc examples templates" @@ -6124,6 +6129,8 @@ case "$COMPONENTS" in BUILDDIRS="locale" cupsimagebase="" LIBCUPSOBJS="\$(COREOBJS)" + LIBHEADERS="\$(COREHEADERS)" + LIBHEADERSPRIV="\$(COREHEADERSPRIV)" ;; *) @@ -6137,6 +6144,8 @@ esac + + if test "$prefix" = "NONE"; then prefix="/" fi @@ -8353,19 +8362,9 @@ if test "x$ac_cv_header_Security_SecIdentitySearchPriv_h" = xyes; then : fi - - $as_echo "#define HAVE_CSSMERRORSTRING 1" >>confdefs.h - - $as_echo "#define HAVE_SECKEYCHAINOPEN 1" >>confdefs.h - fi - - if test $host_os_version -ge 150; then - $as_echo "#define HAVE_SSLSETENABLEDCIPHERS 1" >>confdefs.h - - fi fi fi diff --git a/cups/Makefile b/cups/Makefile index a751aadaa..35cd6bb01 100644 --- a/cups/Makefile +++ b/cups/Makefile @@ -117,25 +117,29 @@ OBJS = \ # Header files to install... # -HEADERS = \ - adminutil.h \ +COREHEADERS = \ array.h \ - backend.h \ cups.h \ dir.h \ file.h \ http.h \ ipp.h \ language.h \ - ppd.h \ pwg.h \ raster.h \ - sidechannel.h \ transcode.h \ versioning.h -HEADERSPRIV = \ - ../config.h \ +DRIVERHEADERS = \ + adminutil.h \ + backend.h \ + ppd.h \ + sidechannel.h + +HEADERS = \ + $(LIBHEADERS) + +COREHEADERSPRIV = \ array-private.h \ cups-private.h \ debug-private.h \ @@ -143,13 +147,18 @@ HEADERSPRIV = \ http-private.h \ ipp-private.h \ language-private.h \ - ppd-private.h \ pwg-private.h \ raster-private.h \ - snmp-private.h \ string-private.h \ thread-private.h +DRIVERHEADERSPRIV = \ + ppd-private.h \ + snmp-private.h + +HEADERSPRIV = \ + $(LIBHEADERSPRIV) + # # Targets in this directory... diff --git a/cups/cups.h b/cups/cups.h index e1d3d6870..e64fdcc96 100644 --- a/cups/cups.h +++ b/cups/cups.h @@ -1,10 +1,11 @@ /* * API definitions for CUPS. * - * Copyright 2007-2017 by Apple Inc. - * Copyright 1997-2007 by Easy Software Products. + * Copyright © 2007-2019 by Apple Inc. + * Copyright © 1997-2007 by Easy Software Products. * - * Licensed under Apache License v2.0. See the file "LICENSE" for more information. + * Licensed under Apache License v2.0. See the file "LICENSE" for more + * information. */ #ifndef _CUPS_CUPS_H_ @@ -410,10 +411,6 @@ extern int cupsSetDests2(http_t *http, int num_dests, cups_dest_t *dests) _CUPS_API_1_1_21; /**** New in CUPS 1.2/macOS 10.5 ****/ -extern ssize_t cupsBackChannelRead(char *buffer, size_t bytes, - double timeout) _CUPS_API_1_2; -extern ssize_t cupsBackChannelWrite(const char *buffer, size_t bytes, - double timeout) _CUPS_API_1_2; extern void cupsEncodeOptions2(ipp_t *ipp, int num_options, cups_option_t *options, ipp_tag_t group_tag) _CUPS_API_1_2; diff --git a/cups/http-private.h b/cups/http-private.h index 9a789cf74..1e9022bd1 100644 --- a/cups/http-private.h +++ b/cups/http-private.h @@ -154,9 +154,6 @@ typedef gnutls_certificate_credentials_t *http_tls_credentials_t; * for its IO and protocol management... */ -# if !defined(HAVE_SECBASEPRIV_H) && defined(HAVE_CSSMERRORSTRING) /* Declare prototype for function in that header... */ -extern const char *cssmErrorString(int error); -# endif /* !HAVE_SECBASEPRIV_H && HAVE_CSSMERRORSTRING */ # if !defined(HAVE_SECIDENTITYSEARCHPRIV_H) && defined(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY) /* Declare prototype for function in that header... */ extern OSStatus SecIdentitySearchCreateWithPolicy(SecPolicyRef policy, CFStringRef idString, CSSM_KEYUSE keyUsage, diff --git a/cups/ppd-private.h b/cups/ppd-private.h index bb094edf5..7b406c971 100644 --- a/cups/ppd-private.h +++ b/cups/ppd-private.h @@ -1,7 +1,7 @@ /* * Private PPD definitions for CUPS. * - * Copyright © 2007-2018 by Apple Inc. + * Copyright © 2007-2019 by Apple Inc. * Copyright © 1997-2007 by Easy Software Products, all rights reserved. * * Licensed under Apache License v2.0. See the file "LICENSE" for more @@ -156,6 +156,7 @@ struct _ppd_cache_s /**** PPD cache and PWG conversion data ****/ */ extern int _cupsConvertOptions(ipp_t *request, ppd_file_t *ppd, _ppd_cache_t *pc, ipp_attribute_t *media_col_sup, ipp_attribute_t *doc_handling_sup, ipp_attribute_t *print_color_mode_sup, const char *user, const char *format, int copies, int num_options, cups_option_t *options) _CUPS_PRIVATE; +extern int _cupsRasterExecPS(cups_page_header2_t *h, int *preferred_bits, const char *code) _CUPS_NONNULL(3) _CUPS_PRIVATE; extern int _cupsRasterInterpretPPD(cups_page_header2_t *h, ppd_file_t *ppd, int num_options, cups_option_t *options, cups_interpret_cb_t func) _CUPS_PRIVATE; extern _ppd_cache_t *_ppdCacheCreateWithFile(const char *filename, diff --git a/cups/raster-private.h b/cups/raster-private.h index 1852341b7..4b03dbc55 100644 --- a/cups/raster-private.h +++ b/cups/raster-private.h @@ -1,7 +1,7 @@ /* * Private image library definitions for CUPS. * - * Copyright © 2007-2018 by Apple Inc. + * Copyright © 2007-2019 by Apple Inc. * Copyright © 1993-2006 by Easy Software Products. * * Licensed under Apache License v2.0. See the file "LICENSE" for more @@ -87,7 +87,6 @@ extern void _cupsRasterClearError(void) _CUPS_PRIVATE; extern const char *_cupsRasterColorSpaceString(cups_cspace_t cspace) _CUPS_PRIVATE; extern void _cupsRasterDelete(cups_raster_t *r) _CUPS_PRIVATE; extern const char *_cupsRasterErrorString(void) _CUPS_PRIVATE; -extern int _cupsRasterExecPS(cups_page_header2_t *h, int *preferred_bits, const char *code) _CUPS_NONNULL(3) _CUPS_PRIVATE; extern int _cupsRasterInitPWGHeader(cups_page_header2_t *h, pwg_media_t *media, const char *type, int xdpi, int ydpi, const char *sides, const char *sheet_back) _CUPS_PRIVATE; extern cups_raster_t *_cupsRasterNew(cups_raster_iocb_t iocb, void *ctx, cups_mode_t mode) _CUPS_PRIVATE; extern unsigned _cupsRasterReadHeader(cups_raster_t *r) _CUPS_PRIVATE; diff --git a/cups/sidechannel.h b/cups/sidechannel.h index 229acdc87..538b8b236 100644 --- a/cups/sidechannel.h +++ b/cups/sidechannel.h @@ -1,8 +1,8 @@ /* * Side-channel API definitions for CUPS. * - * Copyright 2007-2012 by Apple Inc. - * Copyright 2006 by Easy Software Products. + * Copyright © 2007-2019 by Apple Inc. + * Copyright © 2006 by Easy Software Products. * * Licensed under Apache License v2.0. See the file "LICENSE" for more information. */ @@ -15,6 +15,13 @@ */ # include "versioning.h" +# include +# if defined(_WIN32) && !defined(__CUPS_SSIZE_T_DEFINED) +# define __CUPS_SSIZE_T_DEFINED +# include +/* Windows does not support the ssize_t type, so map it to long... */ +typedef long ssize_t; /* @private@ */ +# endif /* _WIN32 && !__CUPS_SSIZE_T_DEFINED */ /* @@ -107,6 +114,13 @@ typedef void (*cups_sc_walk_func_t)(const char *oid, const char *data, * Prototypes... */ +/**** New in CUPS 1.2/macOS 10.5 ****/ +extern ssize_t cupsBackChannelRead(char *buffer, size_t bytes, + double timeout) _CUPS_API_1_2; +extern ssize_t cupsBackChannelWrite(const char *buffer, size_t bytes, + double timeout) _CUPS_API_1_2; + +/**** New in CUPS 1.3/macOS 10.5 ****/ extern cups_sc_status_t cupsSideChannelDoRequest(cups_sc_command_t command, char *data, int *datalen, double timeout) _CUPS_API_1_3; @@ -119,7 +133,7 @@ extern int cupsSideChannelWrite(cups_sc_command_t command, const char *data, int datalen, double timeout) _CUPS_API_1_3; -/**** New in CUPS 1.4 ****/ +/**** New in CUPS 1.4/macOS 10.6 ****/ extern cups_sc_status_t cupsSideChannelSNMPGet(const char *oid, char *data, int *datalen, double timeout) _CUPS_API_1_4; diff --git a/cups/tls-darwin.c b/cups/tls-darwin.c index d0b65f1eb..dd19daa51 100644 --- a/cups/tls-darwin.c +++ b/cups/tls-darwin.c @@ -60,6 +60,8 @@ extern SecIdentityRef SecIdentityCreate(CFAllocatorRef allocator, SecCertificate # include #endif /* HAVE_SECPOLICYPRIV_H */ +//extern SecCertificateRef SecGenerateSelfSignedCertificate(CFArrayRef subject, CFDictionaryRef parameters, SecKeyRef _Nullable publicKey, SecKeyRef privateKey); + /* * Constants, very secure stuff... @@ -77,7 +79,7 @@ static int tls_auto_create = 0; /* Auto-create self-signed certs? */ static char *tls_common_name = NULL; /* Default common name */ -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX static int tls_cups_keychain = 0; /* Opened the CUPS keychain? */ static SecKeychainRef tls_keychain = NULL; @@ -85,7 +87,7 @@ static SecKeychainRef tls_keychain = NULL; #else static SecIdentityRef tls_selfsigned = NULL; /* Temporary self-signed cert */ -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ static char *tls_keypath = NULL; /* Server cert keychain path */ static _cups_mutex_t tls_mutex = _CUPS_MUTEX_INITIALIZER; @@ -101,11 +103,11 @@ static int tls_options = -1,/* Options for TLS connections */ static CFArrayRef http_cdsa_copy_server(const char *common_name); static SecCertificateRef http_cdsa_create_credential(http_credential_t *credential); -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX static const char *http_cdsa_default_path(char *buffer, size_t bufsize); static SecKeychainRef http_cdsa_open_keychain(const char *path, char *filename, size_t filesize); static SecKeychainRef http_cdsa_open_system_keychain(void); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ static OSStatus http_cdsa_read(SSLConnectionRef connection, void *data, size_t *dataLength); static int http_cdsa_set_credentials(http_t *http); static OSStatus http_cdsa_write(SSLConnectionRef connection, const void *data, size_t *dataLength); @@ -125,7 +127,7 @@ cupsMakeServerCredentials( const char **alt_names, /* I - Subject Alternate Names */ time_t expiration_date) /* I - Expiration date */ { -#if defined(HAVE_SECGENERATESELFSIGNEDCERTIFICATE) +#if TARGET_OS_IOS int status = 0; /* Return status */ OSStatus err; /* Error code (if any) */ CFStringRef cfcommon_name = NULL; @@ -284,7 +286,7 @@ cleanup: return (status); -#else /* !HAVE_SECGENERATESELFSIGNEDCERTIFICATE */ +#else /* !TARGET_OS_IOS */ int pid, /* Process ID of command */ status, /* Status of command */ i; /* Looping var */ @@ -383,7 +385,7 @@ cleanup: } return (!status); -#endif /* HAVE_SECGENERATESELFSIGNEDCERTIFICATE && HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_IOS */ } @@ -404,7 +406,7 @@ cupsSetServerCredentials( { DEBUG_printf(("cupsSetServerCredentials(path=\"%s\", common_name=\"%s\", auto_create=%d)", path, common_name, auto_create)); -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX char filename[1024]; /* Keychain filename */ SecKeychainRef keychain = http_cdsa_open_keychain(path, filename, sizeof(filename)); @@ -454,7 +456,7 @@ cupsSetServerCredentials( tls_common_name = _cupsStrAlloc(common_name); return (1); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ } @@ -964,12 +966,12 @@ httpLoadCredentials( const char *common_name) /* I - Common name for credentials */ { OSStatus err; /* Error info */ -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX char filename[1024]; /* Filename for keychain */ SecKeychainRef keychain = NULL,/* Keychain reference */ syschain = NULL;/* System keychain */ CFArrayRef list; /* Keychain list */ -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ SecCertificateRef cert = NULL; /* Certificate */ CFDataRef data; /* Certificate data */ SecPolicyRef policy = NULL; /* Policy ref */ @@ -985,7 +987,7 @@ httpLoadCredentials( *credentials = NULL; -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX keychain = http_cdsa_open_keychain(path, filename, sizeof(filename)); if (!keychain) @@ -996,7 +998,7 @@ httpLoadCredentials( #else if (path) return (-1); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ cfcommon_name = CFStringCreateWithCString(kCFAllocatorDefault, common_name, kCFStringEncodingUTF8); @@ -1016,7 +1018,7 @@ httpLoadCredentials( CFDictionaryAddValue(query, kSecReturnRef, kCFBooleanTrue); CFDictionaryAddValue(query, kSecMatchLimit, kSecMatchLimitOne); -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX if (syschain) { const void *values[2] = { syschain, keychain }; @@ -1027,7 +1029,7 @@ httpLoadCredentials( list = CFArrayCreate(kCFAllocatorDefault, (const void **)&keychain, 1, &kCFTypeArrayCallBacks); CFDictionaryAddValue(query, kSecMatchSearchList, list); CFRelease(list); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ err = SecItemCopyMatching(query, (CFTypeRef *)&cert); @@ -1048,13 +1050,13 @@ httpLoadCredentials( cleanup : -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX if (keychain) CFRelease(keychain); if (syschain) CFRelease(syschain); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ if (cert) CFRelease(cert); if (policy) @@ -1082,11 +1084,11 @@ httpSaveCredentials( { int ret = -1; /* Return value */ OSStatus err; /* Error info */ -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX char filename[1024]; /* Filename for keychain */ SecKeychainRef keychain = NULL;/* Keychain reference */ CFArrayRef list; /* Keychain list */ -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ SecCertificateRef cert = NULL; /* Certificate */ CFMutableDictionaryRef attrs = NULL; /* Attributes for add */ @@ -1107,7 +1109,7 @@ httpSaveCredentials( goto cleanup; } -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX keychain = http_cdsa_open_keychain(path, filename, sizeof(filename)); if (!keychain) @@ -1116,7 +1118,7 @@ httpSaveCredentials( #else if (path) return (-1); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ if ((attrs = CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks)) == NULL) { @@ -1127,7 +1129,7 @@ httpSaveCredentials( CFDictionaryAddValue(attrs, kSecClass, kSecClassCertificate); CFDictionaryAddValue(attrs, kSecValueRef, cert); -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX if ((list = CFArrayCreate(kCFAllocatorDefault, (const void **)&keychain, 1, &kCFTypeArrayCallBacks)) == NULL) { DEBUG_puts("1httpSaveCredentials: Unable to create list of keychains."); @@ -1135,7 +1137,7 @@ httpSaveCredentials( } CFDictionaryAddValue(attrs, kSecMatchSearchList, list); CFRelease(list); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ /* Note: SecItemAdd consumes "attrs"... */ err = SecItemAdd(attrs, NULL); @@ -1143,10 +1145,10 @@ httpSaveCredentials( cleanup : -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX if (keychain) CFRelease(keychain); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ if (cert) CFRelease(cert); @@ -1266,6 +1268,7 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ /* Pointer to library globals */ OSStatus error; /* Error code */ const char *message = NULL;/* Error message */ + char msgbuf[1024]; /* Error message buffer */ cups_array_t *credentials; /* Credentials array */ cups_array_t *names; /* CUPS distinguished names */ CFArrayRef dn_array; /* CF distinguished names array */ @@ -1284,7 +1287,7 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ DEBUG_printf(("4_httpTLSStart: tls_options=%x, tls_min_version=%d, tls_max_version=%d", tls_options, tls_min_version, tls_max_version)); } -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX if (http->mode == _HTTP_MODE_SERVER && !tls_keychain) { DEBUG_puts("4_httpTLSStart: cupsSetServerCredentials not called."); @@ -1294,7 +1297,7 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ return (-1); } -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ if ((http->tls = SSLCreateContext(kCFAllocatorDefault, http->mode == _HTTP_MODE_CLIENT ? kSSLClientSide : kSSLServerSide, kSSLStreamType)) == NULL) { @@ -1346,7 +1349,6 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ } } -# if HAVE_SSLSETENABLEDCIPHERS if (!error) { SSLCipherSuite supported[100]; /* Supported cipher suites */ @@ -1506,7 +1508,6 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ error = SSLSetEnabledCiphers(http->tls, enabled, num_enabled); } } -#endif /* HAVE_SSLSETENABLEDCIPHERS */ if (!error && http->mode == _HTTP_MODE_CLIENT) { @@ -1806,11 +1807,13 @@ _httpTLSStart(http_t *http) /* I - HTTP connection */ */ if (!message) -#ifdef HAVE_CSSMERRORSTRING - message = cssmErrorString(error); -#else - message = _("Unable to establish a secure connection to host."); -#endif /* HAVE_CSSMERRORSTRING */ + { + if (!cg->lang_default) + cg->lang_default = cupsLangDefault(); + + snprintf(msgbuf, sizeof(msgbuf), _cupsLangString(cg->lang_default, _("Unable to establish a secure connection to host (%d).")), error); + message = msgbuf; + } _cupsSetError(IPP_STATUS_ERROR_CUPS_PKI, message, 1); @@ -1905,7 +1908,7 @@ static CFArrayRef /* O - Array of certificates or NULL */ http_cdsa_copy_server( const char *common_name) /* I - Server's hostname */ { -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX OSStatus err; /* Error info */ SecIdentityRef identity = NULL;/* Identity */ CFArrayRef certificates = NULL; @@ -2009,7 +2012,7 @@ http_cdsa_copy_server( return (NULL); return (CFArrayCreate(NULL, (const void **)&tls_selfsigned, 1, &kCFTypeArrayCallBacks)); -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ } @@ -2028,7 +2031,7 @@ http_cdsa_create_credential( } -#ifdef HAVE_SECKEYCHAINOPEN +#if TARGET_OS_OSX /* * 'http_cdsa_default_path()' - Get the default keychain path. */ @@ -2204,7 +2207,7 @@ http_cdsa_open_system_keychain(void) return (keychain); } -#endif /* HAVE_SECKEYCHAINOPEN */ +#endif /* TARGET_OS_OSX */ /* diff --git a/cups/versioning.h b/cups/versioning.h index eb7a9164a..0a4199b02 100644 --- a/cups/versioning.h +++ b/cups/versioning.h @@ -164,10 +164,10 @@ */ # define _CUPS_DEPRECATED __attribute__ ((unavailable)) _CUPS_PUBLIC # define _CUPS_DEPRECATED_MSG(m) __attribute__ ((unavailable(m))) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_1_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.5)) API_UNAVAILABLE(ios) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_1_6_MSG(m) API_DEPRECATED(m, macos(10.2,10.8)) API_UNAVAILABLE(ios) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_1_7_MSG(m) API_DEPRECATED(m, macos(10.2,10.9)) API_UNAVAILABLE(ios) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_2_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.12)) API_UNAVAILABLE(ios) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_1_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.5), ios(11.0,11.0)) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_1_6_MSG(m) API_DEPRECATED(m, macos(10.2,10.8), ios(11.0,11.0)) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_1_7_MSG(m) API_DEPRECATED(m, macos(10.2,10.9), ios(11.0,11.0)) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_2_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.12), ios(11.0,11.0)) _CUPS_PUBLIC # elif defined(__APPLE__) /* @@ -175,10 +175,10 @@ */ # define _CUPS_DEPRECATED __attribute__ ((deprecated)) _CUPS_PUBLIC # define _CUPS_DEPRECATED_MSG(m) __attribute__ ((deprecated(m))) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_1_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.5)) API_UNAVAILABLE(ios) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_1_6_MSG(m) API_DEPRECATED(m, macos(10.2,10.8)) API_UNAVAILABLE(ios) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_1_7_MSG(m) API_DEPRECATED(m, macos(10.2,10.9)) API_UNAVAILABLE(ios) _CUPS_PUBLIC -# define _CUPS_DEPRECATED_2_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.12)) API_UNAVAILABLE(ios) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_1_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.5), ios(11.0,11.0)) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_1_6_MSG(m) API_DEPRECATED(m, macos(10.2,10.8), ios(11.0,11.0)) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_1_7_MSG(m) API_DEPRECATED(m, macos(10.2,10.9), ios(11.0,11.0)) _CUPS_PUBLIC +# define _CUPS_DEPRECATED_2_2_MSG(m) API_DEPRECATED(m, macos(10.2,10.12), ios(11.0,11.0)) _CUPS_PUBLIC # elif defined(_CUPS_HAS_UNAVAILABLE_WITH_MESSAGE) && defined(_CUPS_NO_DEPRECATED) /* diff --git a/xcode/config.h b/xcode/config.h index 534445ea8..6358e0a34 100644 --- a/xcode/config.h +++ b/xcode/config.h @@ -337,15 +337,6 @@ /* #undef HAVE_SECURETRANSPORTPRIV_H */ -/* - * Do we have the cssmErrorString function? - */ - -#if !TARGET_OS_IOS -# define HAVE_CSSMERRORSTRING 1 -#endif /* !TARGET_OS_IOS */ - - /* * Do we have the SecGenerateSelfSignedCertificate function? */ @@ -355,22 +346,6 @@ #endif /* TARGET_OS_IOS */ -/* - * Do we have the SecKeychainOpen function? - */ - -#if !TARGET_OS_IOS -# define HAVE_SECKEYCHAINOPEN 1 -#endif /* !TARGET_OS_IOS */ - - -/* - * Do we have (a working) SSLSetEnabledCiphers function? - */ - -#define HAVE_SSLSETENABLEDCIPHERS 1 - - /* * Do we have libpaper? */ -- 2.39.5