package tls
/*
-// Note: We disable -Werror here because the code in this file uses a deprecated API to stay
-// compatible with both Mac OS X 10.6 and 10.7. Using a deprecated function on Darwin generates
-// a warning.
-#cgo CFLAGS: -Wno-error -Wno-deprecated-declarations
+#cgo CFLAGS: -mmacosx-version-min=10.6 -D__MAC_OS_X_VERSION_MAX_ALLOWED=1060
#cgo LDFLAGS: -framework CoreFoundation -framework Security
+
#include <CoreFoundation/CoreFoundation.h>
#include <Security/Security.h>
continue;
}
- // SecKeychainImportExport is deprecated in >= OS X 10.7, and has been replaced by
- // SecItemExport. If we're built on a host with a Lion SDK, this code gets conditionally
- // included in the output, also for binaries meant for 10.6.
- //
- // To make sure that we run on both Mac OS X 10.6 and 10.7 we use weak linking
- // and check whether SecItemExport is available before we attempt to call it. On
- // 10.6, this won't be the case, and we'll fall back to calling SecKeychainItemExport.
-#if __MAC_OS_X_VERSION_MAX_ALLOWED >= 1070
- if (SecItemExport) {
- err = SecItemExport(cert, kSecFormatX509Cert, kSecItemPemArmour, NULL, &data);
- if (err != noErr) {
- continue;
- }
- } else
-#endif
- if (data == NULL) {
- err = SecKeychainItemExport(cert, kSecFormatX509Cert, kSecItemPemArmour, NULL, &data);
- if (err != noErr) {
- continue;
- }
+ // Note: SecKeychainItemExport is deprecated as of 10.7 in favor of SecItemExport.
+ // Once we support weak imports via cgo we should prefer that, and fall back to this
+ // for older systems.
+ err = SecKeychainItemExport(cert, kSecFormatX509Cert, kSecItemPemArmour, NULL, &data);
+ if (err != noErr) {
+ continue;
}
if (data != NULL) {