Commits

Mihai Moldovan authored 31b5e09ff6d 
net/openssh: (hopefully) fix build failures on 10.6-. Round two.

sys/acl.h (implicitly pulled in by other headers) breaks with
__APPLE_API_STRICT_CONFORMANCE set. Since we don't need it in the
keychain integration code, just drop it in that file.

xpc/xpc.h is only available on 10.7+. Since we don't need any
declarations or macros from there, don't include it on older platforms.

No revbump since this only fixes build failures.

Fixes: https://trac.macports.org/ticket/59397
No tags
b3e382c0089
master

net/openssh/files/0002-Apple-keychain-integration-other-changes.patch

Modified
1 1 --- /dev/null 1970-01-01 00:00:00.000000000 +0000
2 -+++ b/keychain.m 2019-10-22 16:47:36.000000000 +0200
3 -@@ -0,0 +1,241 @@
2 ++++ b/keychain.m 2019-10-24 07:06:20.000000000 +0200
3 +@@ -0,0 +1,266 @@
4 4 +/*
5 5 + * Copyright (c) 2007-2016 Apple Inc. All rights reserved.
6 6 + *
7 7 + * @APPLE_BSD_LICENSE_HEADER_START@
8 8 + *
9 9 + * Redistribution and use in source and binary forms, with or without
10 10 + * modification, are permitted provided that the following conditions
11 11 + * are met:
12 12 + *
13 13 + * 1. Redistributions of source code must retain the above copyright
26 26 + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
27 27 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 28 + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
29 29 + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 30 + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 31 + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 32 + *
33 33 + * @APPLE_BSD_LICENSE_HEADER_END@
34 34 + */
35 35 +
36 ++#include <AvailabilityMacros.h>
37 ++
38 ++#if ((!(defined (MAC_OS_X_VERSION_10_6))) || (MAC_OS_X_VERSION_MAX_ALLOWED <= MAC_OS_X_VERSION_10_6))
39 ++/*
40 ++ * Older versions of sys/acl.h are (arguably) buggy in that the
41 ++ * __APPLE_API_STRICT_CONFORMANCE macro - that we need for proper sandbox code
42 ++ * compilation on older systems (10.7-) - affects (or rather restricts) the
43 ++ * inclusion of macros in sys/kauth.h.
44 ++ *
45 ++ * These macros are then used unconditionally and everything blows up if the
46 ++ * former is set.
47 ++ *
48 ++ * This is not a problem with newer sys/acl.h versions, since these define
49 ++ * internal macros and hence don't rely on the KAUTH_* macros any longer (even
50 ++ * though they still include sys/kauth.h, which strictly speaking is redundant
51 ++ * in such a case).
52 ++ *
53 ++ * Since we don't need to work around any sandbox header bugs in the keychain
54 ++ * integration, let's just drop the former macro.
55 ++ */
56 ++# ifdef __APPLE_API_STRICT_CONFORMANCE
57 ++# undef __APPLE_API_STRICT_CONFORMANCE
58 ++# endif /* defined (__APPLE_API_STRICT_CONFORMANCE) */
59 ++#endif /* ((!(defined (MAC_OS_X_VERSION_10_6))) || (MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6)) */
60 ++
36 61 +#import <Foundation/Foundation.h>
37 62 +#import <Security/Security.h>
38 63 +#import "SecItemPriv-shim.h"
39 64 +#include <sys/stat.h>
40 65 +#include <stdio.h>
41 66 +
42 67 +#include "xmalloc.h"
43 68 +#include "sshkey.h"
44 69 +#include "ssherr.h"
45 70 +#include "authfile.h"
236 261 + if (stat([accountString UTF8String], &st) < 0)
237 262 + continue;
238 263 + if (add_identity([accountString UTF8String]))
239 264 + ret = 1;
240 265 + }
241 266 + [searchResults release];
242 267 +
243 268 + return ret;
244 269 +}
245 270 --- /dev/null 1970-01-01 00:00:00.000000000 +0000
246 -+++ b/keychain.h 2019-10-22 16:47:36.000000000 +0200
271 ++++ b/keychain.h 2019-10-24 07:04:11.000000000 +0200
247 272 @@ -0,0 +1,36 @@
248 273 +/*
249 274 + * Copyright (c) 2007-2016 Apple Inc. All rights reserved.
250 275 + *
251 276 + * @APPLE_BSD_LICENSE_HEADER_START@
252 277 + *
253 278 + * Redistribution and use in source and binary forms, with or without
254 279 + * modification, are permitted provided that the following conditions
255 280 + * are met:
256 281 + *
274 299 + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
275 300 + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
276 301 + *
277 302 + * @APPLE_BSD_LICENSE_HEADER_END@
278 303 + */
279 304 +
280 305 +void store_in_keychain(const char *filename, const char *passphrase);
281 306 +void remove_from_keychain(const char *filename);
282 307 +char *keychain_read_passphrase(const char *filename);
283 308 +int load_identities_from_keychain(int (^add_identity)(const char *identity));
284 ---- a/Makefile.in 2019-10-09 02:31:03.000000000 +0200
285 -+++ b/Makefile.in 2019-10-22 16:47:36.000000000 +0200
309 +--- a/Makefile.in 2019-10-24 06:27:51.000000000 +0200
310 ++++ b/Makefile.in 2019-10-24 07:04:11.000000000 +0200
286 311 @@ -41,6 +41,7 @@ PATHS= -DSSHDIR=\"$(sysconfdir)\" \
287 312 CC=@CC@
288 313 LD=@LD@
289 314 CFLAGS=@CFLAGS@
290 315 +OBJCFLAGS=@OBJCFLAGS@
291 316 CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
292 317 LIBS=@LIBS@
293 318 K5LIBS=@K5LIBS@
294 319 @@ -56,6 +57,7 @@ SED=@SED@
295 320 ENT=@ENT@
345 370 +ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o $(KEYCHAINOBJS)
346 371 + $(LD) -o $@ ssh-add.o $(KEYCHAINOBJS) $(LDFLAGS) $(KEYCHAIN_LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
347 372
348 373 -ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
349 374 - $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
350 375 +ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o $(KEYCHAINOBJS)
351 376 + $(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(KEYCHAINOBJS) $(LDFLAGS) $(KEYCHAIN_LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
352 377
353 378 ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o sshsig.o
354 379 $(LD) -o $@ ssh-keygen.o sshsig.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
355 ---- a/audit-bsm.c 2019-10-09 02:31:03.000000000 +0200
356 -+++ b/audit-bsm.c 2019-10-22 16:49:35.000000000 +0200
380 +--- a/audit-bsm.c 2019-10-24 06:27:51.000000000 +0200
381 ++++ b/audit-bsm.c 2019-10-24 07:04:11.000000000 +0200
357 382 @@ -62,6 +62,18 @@
358 383 #include <bsm/audit_record.h>
359 384 #include <locale.h>
360 385
361 386 +#ifdef __APPLE__
362 387 +#include <AvailabilityMacros.h>
363 388 +#if ((defined (MAC_OS_X_VERSION_10_7)) && (MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7))
364 389 +#include <bsm/audit_session.h>
365 390 +#endif /* ((defined (MAC_OS_X_VERSION_10_7)) && (MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7)) */
366 391 +#include "auth-options.h"
386 411 + }
387 412 + if (auth_opts->permit_pty_flag && options.permit_tty) {
388 413 + info.ai_flags |= AU_SESSION_FLAG_HAS_TTY;
389 414 + }
390 415 +#endif /* ((defined (MAC_OS_X_VERSION_10_7)) && (MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7)) */
391 416 +#endif
392 417 +
393 418 if (the_authctxt->valid)
394 419 info.ai_auid = the_authctxt->pw->pw_uid;
395 420 else
396 ---- a/configure.ac 2019-10-09 02:31:03.000000000 +0200
397 -+++ b/configure.ac 2019-10-22 16:47:36.000000000 +0200
421 +--- a/configure.ac 2019-10-24 06:27:51.000000000 +0200
422 ++++ b/configure.ac 2019-10-24 07:04:11.000000000 +0200
398 423 @@ -20,6 +20,7 @@ AC_LANG([C])
399 424
400 425 AC_CONFIG_HEADER([config.h])
401 426 AC_PROG_CC([cc gcc])
402 427 +AC_PROG_OBJC([cc clang gcc])
403 428 AC_CANONICAL_HOST
404 429 AC_C_BIGENDIAN
405 430
406 431 @@ -667,11 +668,11 @@ main() { if (NSVersionOfRunTimeLibrary("
407 432 AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
448 473 + AC_SUBST(KEYCHAIN_LDFLAGS)
449 474 + ],
450 475 + AC_MSG_WARN([Security framework not found. Disabling macOS Keychain support.]))
451 476 + ;;
452 477 + esac
453 478 +fi
454 479 +
455 480 dnl Adding -Werror to CFLAGS early prevents configure tests from running.
456 481 dnl Add now.
457 482 CFLAGS="$CFLAGS $werror_flags"
458 ---- a/groupaccess.c 2019-10-09 02:31:03.000000000 +0200
459 -+++ b/groupaccess.c 2019-10-22 16:47:36.000000000 +0200
483 +--- a/groupaccess.c 2019-10-24 06:27:51.000000000 +0200
484 ++++ b/groupaccess.c 2019-10-24 07:04:11.000000000 +0200
460 485 @@ -39,6 +39,10 @@
461 486 #include "match.h"
462 487 #include "log.h"
463 488
464 489 +#ifdef __APPLE_MEMBERSHIP__
465 490 +int32_t getgrouplist_2(const char *, gid_t, gid_t **);
466 491 +#endif
467 492 +
468 493 static int ngroups;
469 494 static char **groups_byname;
488 513 #if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)
489 514 ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX));
490 515 @@ -69,6 +85,7 @@ ga_init(const char *user, gid_t base)
491 516 sizeof(*groups_bygid));
492 517 }
493 518 groups_byname = xcalloc(ngroups, sizeof(*groups_byname));
494 519 +#endif /* __APPLE_MEMBERSHIP__ */
495 520
496 521 for (i = 0, j = 0; i < ngroups; i++)
497 522 if ((gr = getgrgid(groups_bygid[i])) != NULL)
498 ---- a/readconf.c 2019-10-09 02:31:03.000000000 +0200
499 -+++ b/readconf.c 2019-10-22 16:47:36.000000000 +0200
523 +--- a/readconf.c 2019-10-24 06:27:51.000000000 +0200
524 ++++ b/readconf.c 2019-10-24 07:04:11.000000000 +0200
500 525 @@ -167,6 +167,9 @@ typedef enum {
501 526 oHashKnownHosts,
502 527 oTunnel, oTunnelDevice,
503 528 oLocalCommand, oPermitLocalCommand, oRemoteCommand,
504 529 +#ifdef __APPLE_KEYCHAIN__
505 530 + oUseKeychain,
506 531 +#endif
507 532 oVisualHostKey,
508 533 oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass,
509 534 oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots,
545 570 /* options->host_key_alias should not be set by default */
546 571 /* options->preferred_authentications will be set in ssh */
547 572 +
548 573 +#ifdef __APPLE_KEYCHAIN__
549 574 + if (options->use_keychain == -1)
550 575 + options->use_keychain = 0;
551 576 +#endif
552 577 }
553 578
554 579 struct fwdarg {
555 ---- a/readconf.h 2019-10-09 02:31:03.000000000 +0200
556 -+++ b/readconf.h 2019-10-22 16:47:36.000000000 +0200
580 +--- a/readconf.h 2019-10-24 06:27:51.000000000 +0200
581 ++++ b/readconf.h 2019-10-24 07:04:11.000000000 +0200
557 582 @@ -137,6 +137,9 @@ typedef struct {
558 583 char *local_command;
559 584 int permit_local_command;
560 585 char *remote_command;
561 586 +#ifdef __APPLE_KEYCHAIN__
562 587 + int use_keychain;
563 588 +#endif
564 589 int visual_host_key;
565 590
566 591 int request_tty;
567 ---- a/session.c 2019-10-09 02:31:03.000000000 +0200
568 -+++ b/session.c 2019-10-22 16:47:36.000000000 +0200
592 +--- a/session.c 2019-10-24 06:27:51.000000000 +0200
593 ++++ b/session.c 2019-10-24 07:04:11.000000000 +0200
569 594 @@ -1185,6 +1185,21 @@ do_setup_env(struct ssh *ssh, Session *s
570 595 child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
571 596 original_command);
572 597
573 598 +#ifdef __APPLE_TMPDIR__
574 599 + char tmpdir[MAXPATHLEN] = {0};
575 600 + size_t len = 0;
576 601 +
577 602 + len = confstr(_CS_DARWIN_USER_TEMP_DIR, tmpdir, sizeof(tmpdir));
578 603 + if (len > 0) {
581 606 + } else {
582 607 + // errno is set by confstr
583 608 + errno = 0;
584 609 + debug2("%s: unable to set TMPDIR", __func__);
585 610 + }
586 611 +#endif /* __APPLE_TMPDIR__ */
587 612 +
588 613 if (debug_flag) {
589 614 /* dump the environment */
590 615 fprintf(stderr, "Environment:\n");
591 ---- a/ssh-add.0 2019-10-09 02:39:14.000000000 +0200
592 -+++ b/ssh-add.0 2019-10-22 16:47:36.000000000 +0200
616 +--- a/ssh-add.0 2019-10-24 06:27:51.000000000 +0200
617 ++++ b/ssh-add.0 2019-10-24 07:04:11.000000000 +0200
593 618 @@ -4,7 +4,7 @@ NAME
594 619 ssh-add M-bM-^@M-^S adds private key identities to the authentication agent
595 620
596 621 SYNOPSIS
597 622 - ssh-add [-cDdkLlqvXx] [-E fingerprint_hash] [-t life] [file ...]
598 623 + ssh-add [-AcDdKkLlqvXx] [-E fingerprint_hash] [-t life] [file ...]
599 624 ssh-add -s pkcs11
600 625 ssh-add -e pkcs11
601 626 ssh-add -T pubkey ...
602 627 @@ -28,6 +28,9 @@ DESCRIPTION
613 638 -e pkcs11
614 639 Remove keys provided by the PKCS#11 shared library pkcs11.
615 640
616 641 + -K When adding identities, each passphrase will also be stored in
617 642 + your macOS keychain. When removing identities with -d, each
618 643 + passphrase will be removed from your macOS keychain.
619 644 +
620 645 -k When loading keys into or deleting keys from the agent, process
621 646 plain private keys only and skip certificates.
622 647
623 ---- a/ssh-add.1 2019-10-09 02:31:03.000000000 +0200
624 -+++ b/ssh-add.1 2019-10-22 16:47:36.000000000 +0200
648 +--- a/ssh-add.1 2019-10-24 06:27:51.000000000 +0200
649 ++++ b/ssh-add.1 2019-10-24 07:04:11.000000000 +0200
625 650 @@ -43,7 +43,7 @@
626 651 .Nd adds private key identities to the authentication agent
627 652 .Sh SYNOPSIS
628 653 .Nm ssh-add
629 654 -.Op Fl cDdkLlqvXx
630 655 +.Op Fl AcDdKKkLlqvXx
631 656 .Op Fl E Ar fingerprint_hash
632 657 .Op Fl t Ar life
633 658 .Op Ar
634 659 @@ -87,6 +87,9 @@ to work.
645 670 .It Fl e Ar pkcs11
646 671 Remove keys provided by the PKCS#11 shared library
647 672 .Ar pkcs11 .
648 673 +.It Fl K
649 674 +When adding identities, each passphrase will also be stored in your macOS
650 675 +keychain. When removing identities with -d, each passphrase will be removed
651 676 +from your macOS keychain.
652 677 .It Fl k
653 678 When loading keys into or deleting keys from the agent, process plain private
654 679 keys only and skip certificates.
655 ---- a/ssh-add.c 2019-10-09 02:31:03.000000000 +0200
656 -+++ b/ssh-add.c 2019-10-22 16:47:36.000000000 +0200
680 +--- a/ssh-add.c 2019-10-24 06:27:51.000000000 +0200
681 ++++ b/ssh-add.c 2019-10-24 07:04:11.000000000 +0200
657 682 @@ -67,6 +67,11 @@
658 683 #include "ssherr.h"
659 684 #include "digest.h"
660 685
661 686 +#ifdef __APPLE_KEYCHAIN__
662 687 +#include "keychain.h"
663 688 +static int use_keychain = 0;
664 689 +#endif
665 690 +
666 691 /* argv0 */
722 747 fprintf(stderr, " -q Be quiet after a successful operation.\n");
723 748 fprintf(stderr, " -v Be more verbose.\n");
724 749 +#ifdef __APPLE_KEYCHAIN__
725 750 + fprintf(stderr, " -A Add all identities stored in your macOS keychain.\n");
726 751 + fprintf(stderr, " -K Store passphrases in your macOS keychain.\n");
727 752 + fprintf(stderr, " With -d, remove passphrases from your macOS keychain.\n");
728 753 +#endif
729 754 }
730 755
731 756 int
732 ---- a/ssh-agent.c 2019-10-09 02:31:03.000000000 +0200
733 -+++ b/ssh-agent.c 2019-10-22 16:47:36.000000000 +0200
757 +--- a/ssh-agent.c 2019-10-24 06:27:51.000000000 +0200
758 ++++ b/ssh-agent.c 2019-10-24 07:04:12.000000000 +0200
734 759 @@ -70,6 +70,10 @@
735 760 #include <time.h>
736 761 #include <string.h>
737 762 #include <unistd.h>
738 763 +#ifdef __APPLE_LAUNCHD__
739 764 +#include <launch.h>
740 765 +#include <AvailabilityMacros.h>
741 766 +#endif
742 767 #ifdef HAVE_UTIL_H
743 768 # include <util.h>
874 899 @@ -1326,6 +1422,9 @@ skip:
875 900 pkcs11_init(0);
876 901 #endif
877 902 new_socket(AUTH_SOCKET, sock);
878 903 +#ifdef __APPLE_LAUNCHD__
879 904 +skip2:
880 905 +#endif
881 906 if (ac > 0)
882 907 parent_alive_interval = 10;
883 908 idtab_init();
884 ---- a/sshconnect2.c 2019-10-09 02:31:03.000000000 +0200
885 -+++ b/sshconnect2.c 2019-10-22 16:47:36.000000000 +0200
909 +--- a/sshconnect2.c 2019-10-24 06:27:51.000000000 +0200
910 ++++ b/sshconnect2.c 2019-10-24 07:04:12.000000000 +0200
886 911 @@ -73,6 +73,11 @@
887 912 #include "ssherr.h"
888 913 #include "utf8.h"
889 914
890 915 +#ifdef __APPLE_KEYCHAIN__
891 916 +#include "keychain.h"
892 917 +int found_in_keychain = 0;
893 918 +#endif
894 919 +
895 920 #ifdef GSSAPI
916 941 +#ifdef __APPLE_KEYCHAIN__
917 942 + if (!quit && private != NULL && !(id->key && id->isprivate) && options.use_keychain && !found_in_keychain) {
918 943 + debug2("storing passphrase in keychain");
919 944 + store_in_keychain(id->filename, passphrase);
920 945 + }
921 946 +#endif
922 947 +
923 948 if (!quit && private != NULL && id->agent_fd == -1 &&
924 949 !(id->key && id->isprivate))
925 950 maybe_add_key_to_agent(id->filename, private, comment,
926 ---- a/ssh-agent.0 2019-10-09 02:39:14.000000000 +0200
927 -+++ b/ssh-agent.0 2019-10-22 16:47:36.000000000 +0200
951 +--- a/ssh-agent.0 2019-10-24 06:27:51.000000000 +0200
952 ++++ b/ssh-agent.0 2019-10-24 07:04:12.000000000 +0200
928 953 @@ -7,6 +7,7 @@ SYNOPSIS
929 954 ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]
930 955 [-P pkcs11_whitelist] [-t life] [command [arg ...]]
931 956 ssh-agent [-c | -s] -k
932 957 + ssh-agent -l
933 958
934 959 DESCRIPTION
935 960 ssh-agent is a program to hold private keys used for public key
936 961 @@ -64,6 +65,9 @@ DESCRIPTION
937 962 for an identity with ssh-add(1) overrides this value. Without
938 963 this option the default maximum lifetime is forever.
939 964
940 965 + -l Start in launchd mode. This feature should only be used by macOS
941 966 + itself. It is not very useful to users.
942 967 +
943 968 If a command line is given, this is executed as a subprocess of the
944 969 agent. When the command dies, so does the agent.
945 970
946 ---- a/ssh-agent.1 2019-10-09 02:31:03.000000000 +0200
947 -+++ b/ssh-agent.1 2019-10-22 16:47:36.000000000 +0200
971 +--- a/ssh-agent.1 2019-10-24 06:27:51.000000000 +0200
972 ++++ b/ssh-agent.1 2019-10-24 07:04:12.000000000 +0200
948 973 @@ -52,6 +52,8 @@
949 974 .Nm ssh-agent
950 975 .Op Fl c | s
951 976 .Fl k
952 977 +.Nm ssh-agent
953 978 +.Fl l
954 979 .Sh DESCRIPTION
955 980 .Nm
956 981 is a program to hold private keys used for public key authentication
957 982 @@ -148,6 +150,10 @@ A lifetime specified for an identity wit
958 983 .Xr ssh-add 1
959 984 overrides this value.
960 985 Without this option the default maximum lifetime is forever.
961 986 +.It Fl l
962 987 +Start in launchd mode.
963 988 +This feature should only be used by macOS itself.
964 989 +It is not very useful to users.
965 990 .El
966 991 .Pp
967 992 If a command line is given, this is executed as a subprocess of the agent.
968 993 --- /dev/null 1970-01-01 00:00:00.000000000 +0000
969 -+++ b/SecItemPriv-shim.h 2019-10-22 16:47:36.000000000 +0200
970 -@@ -0,0 +1,83 @@
994 ++++ b/SecItemPriv-shim.h 2019-10-24 07:04:12.000000000 +0200
995 +@@ -0,0 +1,86 @@
971 996 +/*
972 997 + * Copyright (c) 2006-2013 Apple Inc. All Rights Reserved.
973 998 + *
974 999 + * @APPLE_LICENSE_HEADER_START@
975 1000 + *
976 1001 + * This file contains Original Code and/or Modifications of Original Code
977 1002 + * as defined in and that are subject to the Apple Public Source License
978 1003 + * Version 2.0 (the 'License'). You may not use this file except in
979 1004 + * compliance with the License. Please obtain a copy of the License at
980 1005 + * http://www.opensource.apple.com/apsl/ and read it before using this
1017 1042 +*/
1018 1043 +
1019 1044 +#ifndef _SECURITY_SECITEMPRIV_H_
1020 1045 +#define _SECURITY_SECITEMPRIV_H_
1021 1046 +
1022 1047 +#include <CoreFoundation/CFDictionary.h>
1023 1048 +#include <CoreFoundation/CFData.h>
1024 1049 +#include <CoreFoundation/CFError.h>
1025 1050 +#include <TargetConditionals.h>
1026 1051 +#include <Security/SecBase.h>
1052 ++
1053 ++#if ((defined (MAC_OS_X_VERSION_10_7)) && (MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7))
1027 1054 +#include <xpc/xpc.h>
1055 ++#endif /* ((defined (MAC_OS_X_VERSION_10_7)) && (MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7)) */
1028 1056 +
1029 1057 +#if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
1030 1058 +#include <Security/SecTask.h>
1031 1059 +#endif
1032 1060 +
1033 1061 +__BEGIN_DECLS
1034 1062 +
1035 1063 +/*
1036 1064 + @enum Attribute Key Constants (Private)
1037 1065 + @discussion Predefined item attribute keys used to get or set values in a

Everything looks good. We'll let you know here if there's anything you should know about.

Add shortcut