#include "OSX/config/security_macos.xcconfig"
+#include "xcconfig/security_framework.xcconfig"
PRODUCT_NAME = Security
PRODUCT_BUNDLE_IDENTIFIER = com.apple.security
INSTALL_PATH = $(SYSTEM_LIBRARY_DIR)/Frameworks
-OTHER_LDFLAGS = -laks -lCrashReporterClient -Wl,-upward_framework,Foundation
+ASAN_EXTRA_LDFLAGS_YES = -Wl,-no_warn_inits
+ASAN_EXTRA_LDFLAGS_NO =
+ASAN_EXTRA_LDFLAGS_ = $(ASAN_EXTRA_LDFLAGS_NO)
+TSAN_EXTRA_LDFLAGS_YES = -Wl,-no_warn_inits
+TSAN_EXTRA_LDFLAGS_NO =
+TSAN_EXTRA_LDFLAGS_ = $(TSAN_EXTRA_LDFLAGS_NO)
+
+// order here matters, so later more specific options override earlier.
+NOINIT_LDFLAGS = -Wl,-no_inits $(ASAN_EXTRA_LDFLAGS_$(ENABLE_ADDRESS_SANITIZER)) $(TSAN_EXTRA_LDFLAGS_$(ENABLE_THREAD_SANITIZER))
+
+OTHER_LDFLAGS = -laks -lCrashReporterClient -Wl,-upward_framework,Foundation $(NOINIT_LDFLAGS)
SECTORDER_FLAGS = -order_file_statistics
APPLY_RULES_IN_COPY_FILES = NO
-// Not entirely sure what this is for, but, okay.
-INSTALLHDRS_SCRIPT_PHASE = YES
+// Adding things here is against the spirit of TAPI. If something is in the framework, it should be in the framework headers.
+// Don't add things.
+OTHER_TAPI_FLAGS_TRUST = -extra-private-header $(PROJECT_DIR)/trust/trustd/macOS/SecTrustOSXEntryPoints.h -extra-private-header $(PROJECT_DIR)/OSX/sec/Security/SecCertificateInternal.h
+
+OTHER_TAPI_FLAGS_USR_LIB_HEADERS = -extra-private-header $(PROJECT_DIR)/OSX/utilities/debugging.h
+OTHER_TAPI_FLAGS_HACKS = -exclude-public-header $(BUILT_PRODUCTS_DIR)/Security.framework/Versions/A/Headers/AuthorizationPlugin.h -extra-public-header $(PROJECT_DIR)/OSX/macos_tapi_hacks.h -extra-public-header $(PROJECT_DIR)/OSX/sec/Security/SecItemShim.h -D SECURITY_PROJECT_TAPI_HACKS=1
+
+OTHER_TAPI_FLAGS = $(inherited) $(OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK) -I$(PROJECT_DIR)/header_symlinks/ $(OTHER_TAPI_FLAGS_TRUST) $(OTHER_TAPI_FLAGS_USR_LIB_HEADERS) $(OTHER_TAPI_FLAGS_HACKS)
+
+IS_ZIPPERED = YES
projects / apple / security.git / blobdiff