X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/866f8763175ff60e4fa455b92b5eb660a12fe6c7..HEAD:/xcconfig/Security.xcconfig

diff --git a/xcconfig/Security.xcconfig b/xcconfig/Security.xcconfig
index c0cbe4fb..7c1df3ce 100644
--- a/xcconfig/Security.xcconfig
+++ b/xcconfig/Security.xcconfig
@@ -1,22 +1,56 @@
+OTHER_CFLAGS = -isystem $(SDKROOT)/System/Library/Frameworks/System.framework/PrivateHeaders -fconstant-cfstrings
 
-SYSTEM_FRAMEWORK_SEARCH_PATHS = $(inherited) $(SDKROOT)/$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks
 
-OTHER_CFLAGS = -isystem $(SDKROOT)/System/Library/Frameworks/System.framework/PrivateHeaders -fconstant-cfstrings
+HEADER_SYMLINKS = $(PROJECT_DIR)/header_symlinks
+HEADER_SYMLINKS[sdk=macosx*] = $(PROJECT_DIR)/header_symlinks $(PROJECT_DIR)/header_symlinks/macOS
+HEADER_SYMLINKS[sdk=embedded*] = $(PROJECT_DIR)/header_symlinks $(PROJECT_DIR)/header_symlinks/iOS
+
+HEADER_SEARCH_PATHS = $(HEADER_SYMLINKS) $(PROJECT_DIR) $(SDKROOT)/usr/local/include/security_libDER $(PROJECT_DIR)/OSX/libsecurity_asn1 $(PROJECT_DIR)/OSX/sec $(PROJECT_DIR)/OSX/utilities $(PROJECT_DIR)/OSX $(inherited)
+ALWAYS_SEARCH_USER_PATHS = NO
 
-HEADER_SEARCH_PATHS = $(PROJECT_DIR) $(PROJECT_DIR)/OSX/libsecurity_keychain/libDER $(PROJECT_DIR)/OSX/libsecurity_asn1 $(PROJECT_DIR)/OSX/sec/ProjectHeaders $(PROJECT_DIR)/OSX/sec $(PROJECT_DIR)/OSX/utilities $(PROJECT_DIR)/OSX $(inherited)
 ARCHS[sdk=macosx*] = $(ARCHS_STANDARD)
 
+LIBRARY_SEARCH_PATHS = $(inherited) $(SDKROOT)/usr/local/lib/security_libDER
+
 #include "xcconfig/PlatformFeatures.xcconfig"
+#include "xcconfig/Version.xcconfig"
 
 // Note that the 'Settings' view in Xcode will display the wrong values for platform-dependent settings
 // Refer to the actual build command for final computed value
-GCC_PREPROCESSOR_DEFINITIONS = __KEYCHAINCORE__=1 CORECRYPTO_DONOT_USE_TRANSPARENT_UNION=1 OCTAGON=$(OCTAGON_ON) PLATFORM=$(PLATFORM_STR) $(GCC_PREPROCESSOR_DEFINITIONS)
+GCC_PREPROCESSOR_DEFINITIONS = __KEYCHAINCORE__=1 CORECRYPTO_DONOT_USE_TRANSPARENT_UNION=1 OCTAGON=$(OCTAGON_ON) TRUSTEDPEERS=$(TRUSTEDPEERS_ON) SECUREOBJECTSYNC=$(SECUREOBJECTSYNC_ON) SHAREDWEBCREDENTIALS=$(SHAREDWEBCREDENTIALS_ON) PLATFORM=$(PLATFORM_STR) SECURITY_BUILD_VERSION="\"$(SECURITY_BUILD_VERSION)\"" $(GCC_PREPROCESSOR_DEFINITIONS) ABC_BUGCAPTURE=$(ABC_BUGCAPTURE_ON)
 
 SECURITY_FUZZER_BASE_DIR = /AppleInternal/CoreOS/Fuzzers/Security
 
-WARNING_CFLAGS = -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-error=deprecated-declarations -Wno-error=implicit-retain-self -Wno-error=#warnings -Wno-error=unused-function -Wno-error=unused-variable
+// Apple Clang - Code Generation
+CLANG_TRIVIAL_AUTO_VAR_INIT = pattern
+
+CLANG_CXX_LANGUAGE_STANDARD = gnu++2a
+GCC_C_LANGUAGE_STANDARD = gnu2x
+
+WARNING_CFLAGS = -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-error=deprecated-declarations -Wno-error=deprecated-implementations -Wno-error=implicit-retain-self -Wno-error=#warnings -Wno-error=unused-function -Wno-error=unused-variable -Wno-error=documentation
+
+
+WARNING_CFLAGS[sdk=embedded*] = $(WARNING_CFLAGS) -Wformat=2
+
+// The SOS headers get copied into a specific directory in the framework during their own copy files phase.
+// This breaks TAPI during the build, which does INSTALLHDR -> INSTALLAPI without running any copy files phases.
+// So, we must include each file as a 'public' header in the TAPI command.
+// We also add some 'private' headers here that aren't in the framework; this is unfortunate but better than putting very internal headers as SPI.
+OTHER_TAPI_FLAGS_SOS = -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSPeerInfoCollections.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSCircleDer.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSKVSKeys.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSInternal.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSGenCount.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/CKBridge/SOSCloudKeychainClient.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSPiggyback.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSCircle.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSFullPeerInfo.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSCloudCircleInternal.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSTypes.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSViews.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSPeerInfo.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSCloudCircle.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSPeerInfoV2.h -extra-public-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSBackupSliceKeyBag.h -extra-private-header $(PROJECT_DIR)/keychain/SecureObjectSync/SOSPeerInfoInternal.h
+
+// This isn't OTHER_TAPI_FLAGS because we'll mess up other, non-Security.framework frameworks in the project
+// Please don't add any more headers here.
+OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK_COMMON = --verify-api-error-as-warning -D SECURITY_PROJECT_TAPI_HACKS=1 -extra-private-header $(PROJECT_DIR)/OSX/sec/Security/SecTrustInternal.h $(OTHER_TAPI_FLAGS_SOS) -extra-private-header $(PROJECT_DIR)/OSX/libsecurity_codesigning/lib/SecCodePriv.h -extra-private-header $(PROJECT_DIR)/Analytics/SQLite/SFSQLite.h -extra-private-header $(PROJECT_DIR)/OSX/libsecurity_ssl/lib/sslDeprecated.h -extra-private-header $(PROJECT_DIR)/OSX/libsecurity_asn1/lib/secport-tapi.h -extra-private-header $(PROJECT_DIR)/OSX/libsecurity_smime/lib/cms-tapi.h -extra-private-header $(PROJECT_DIR)/OSX/utilities/SecAppleAnchor-tapi.h -extra-private-header $(PROJECT_DIR)/OSX/sec/Security/SecRSAKey.h -extra-private-header $(PROJECT_DIR)/OSX/sec/Security/SecPolicy-tapi.h -extra-private-header $(PROJECT_DIR)/OSX/sec/Security/SecEC-tapi.h -extra-private-header $(PROJECT_DIR)/OSX/sec/Security/Security-tapi.h
+
+OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK_PLATFORM[sdk=macos*] = $(OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK_COMMON) -extra-private-header $(PROJECT_DIR)/OSX/libsecurity_transform/lib/SecCollectTransform.h -extra-private-header $(PROJECT_DIR)/OSX/libsecurity_transform/lib/SecMaskGenerationFunctionTransform.h -extra-private-header $(PROJECT_DIR)/OSX/libsecurity_transform/lib/SecTransformValidator.h
+OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK_PLATFORM[sdk=embedded*] = $(OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK_COMMON)
+OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK = $(OTHER_TAPI_FLAGS_SECURITY_FRAMEWORK_PLATFORM)
+
+SECURITY_XCTEST_DIRECTORY = /AppleInternal/XCTests/com.apple.security
 
+// If you expect to be a 'securityd', use these flags
+OTHER_LDFLAGS_FOR_SECURITYD = -framework TrustedPeers $(OTHER_LDFLAGS_COREFOLLOWUP) -lnetwork $(OTHER_LDFLAGS_SYMPTOMDIAGNOSTICREPORTER)
 
-WARNING_CFLAGS[sdk=iphone*] = $(WARNING_CFLAGS) -Wformat=2
-WARNING_CFLAGS[sdk=tvos*] = $(WARNING_CFLAGS) -Wformat=2
-WARNING_CFLAGS[sdk=watchos*] = $(WARNING_CFLAGS) -Wformat=2
+// Hack for runtime path for OCMock, add to your xctest bundle and embedd OCMock.framework
+OCMOCK_RUNTIME_SEARCH_PATH = $(inherited) @executable_path/Frameworks @loader_path/Frameworks
+OCMOCK_RUNTIME_SEARCH_PATH[sdk=macos*] = $(inherited) @executable_path/../Frameworks @loader_path/../Frameworks