Fix Building For Security-59754.140.13

* Restore missing darling specific changes from previous release * Use <CarbonCore/MacErrors.h> instead. * Fixed building for i386 * Adjusted location of where some files are now stored at.
2024-11-26 21:40:21 +00:00 · 2023-01-22 19:01:52 -08:00 · 2023-01-22 19:01:52 -08:00 · 09d01249fb
commit 09d01249fb
parent c73cceb280
31 changed files with 241 additions and 48 deletions
--- a/Analytics/Clients/LocalKeychainAnalytics.m
+++ b/Analytics/Clients/LocalKeychainAnalytics.m
@ -231,7 +231,9 @@ void LKABackupReportEnd(bool hasBackup, CFErrorRef error) {

 void LKAForceClose(void)
 {
+    #if !defined(DARLING) || defined(__OBJC2__)
    @autoreleasepool {
        [[LocalKeychainAnalytics logger] removeState];
    }
+    #endif
 }
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -1,6 +1,6 @@
 project(Security)

-list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
+list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/darling/cmake")

 include(security_lib)
 include(security_xcconfigs)
@ -32,19 +32,22 @@ add_compile_definitions(
 )

 include_directories(
-	${SECURITY_PROJECT_DIR}/header_symlinks
-	${SECURITY_PROJECT_DIR}/header_symlinks/macOS
+	${SECURITY_PROJECT_DIR}/darling/include
+	${SECURITY_PROJECT_DIR}/darling/include/macOS
 	${SECURITY_PROJECT_DIR}
-	${SECURITY_PROJECT_DIR}/libDER
+	${SECURITY_PROJECT_DIR}/gen
 	${SECURITY_PROJECT_DIR}/OSX/libsecurity_asn1
+	${SECURITY_PROJECT_DIR}/OSX/libsecurity_keychain/lib/
 	${SECURITY_PROJECT_DIR}/OSX/sec
+	${SECURITY_PROJECT_DIR}/OSX/sec/Security
 	${SECURITY_PROJECT_DIR}/OSX/utilities
 	${SECURITY_PROJECT_DIR}/OSX
-	${SECURITY_PROJECT_DIR}/header_symlinks/Security
-	${SECURITY_PROJECT_DIR}/header_symlinks/macOS/Security
+	${SECURITY_PROJECT_DIR}/darling/src/libDER
+	${SECURITY_PROJECT_DIR}/darling/include/Security
+	${SECURITY_PROJECT_DIR}/darling/include/macOS/Security
 )

-add_subdirectory(libDER)
+add_subdirectory(darling/src/libDER)
 add_subdirectory(keychain)
 add_subdirectory(keychain/SecureObjectSync)

--- a/OSX/CMakeLists.txt
+++ b/OSX/CMakeLists.txt
@ -77,6 +77,7 @@ if (BUILD_TARGET_64BIT)
 	add_darling_object_library(Security_x86_64_only_stuff
 		64BIT_ONLY

+		sec/Security/SecSharedCredential.m
 		../Analytics/Clients/SOSAnalytics.m
 		../Analytics/NSDate+SFAnalytics.m
 		../Analytics/SFAnalytics.m
@ -125,6 +126,7 @@ add_custom_target(generate-security-exp


 set_source_files_properties(
+	sec/Security/SecSharedCredential.m
 	../Analytics/SFAnalytics.m
 	../Analytics/SFAnalyticsMultiSampler.m
 	../Analytics/SFAnalyticsSampler.m
@ -136,7 +138,7 @@ set_source_files_properties(

 generate_sdk_framework(Security
    VERSION ${FRAMEWORK_VERSION}
-    HEADER "../darling-framework/include/Security"
+    HEADER "../darling/include/macOS/Security"
 )

 add_separated_framework(Security
@ -144,16 +146,28 @@ add_separated_framework(Security
 	VERSION ${FRAMEWORK_VERSION}

 	SOURCES
-		Breadcrumb/SecBreadcrumb.c
 		lib/dummy.cpp
-		sec/ipc/client_endpoint.m
-		sec/ipc/client.c
 		sec/Security/SecFramework.c
+		sec/Security/SecSharedCredential.c
+		# sec/Security/SecSharedCredential.m
+		sec/ipc/client.c
+		sec/ipc/client_endpoint.m
 		utilities/SecCoreAnalytics.m
+		utilities/SecKnownFilePaths.m
 		utilities/SecPaddingConfigurations.c
 		../Analytics/Clients/LocalKeychainAnalytics.m
+		# ../Analytics/Clients/SOSAnalytics.m
+		# ../Analytics/NSDate+SFAnalytics.m
+		# ../Analytics/SFAnalytics.m
+		# ../Analytics/SFAnalyticsActivityTracker.m
+		# ../Analytics/SFAnalyticsMultiSampler.m
+		# ../Analytics/SFAnalyticsSQLiteStore.m
+		# ../Analytics/SFAnalyticsSampler.m
+		# ../Analytics/SQLite/SFObjCType.m
+		# ../Analytics/SQLite/SFSQLite.m
+		# ../Analytics/SQLite/SFSQLiteStatement.m
 		../experiment/SecExperiment.m
-		../keychain/behavior/SFBehavior.m
+		../keychain/SigninMetrics/OctagonSignPosts.m
 		../keychain/ckks/CKKSControl.m
 		../keychain/ckks/CKKSControlProtocol.m
 		../keychain/escrowrequest/EscrowRequestXPCProtocol.m
@ -164,14 +178,12 @@ add_separated_framework(Security
 		../keychain/ot/OTControlProtocol.m
 		../keychain/ot/OTDefines.m
 		../keychain/ot/OTJoiningConfiguration.m
-		../keychain/SigninMetrics/OctagonSignPosts.m
-		../keychain/SigninMetrics/SFSignInAnalytics.m
 		../protocol/SecProtocol.c
 		../protocol/SecProtocolConfiguration.m
 		../protocol/SecProtocolHelper.m
 		../protocol/SecProtocolTypes.m

-		../darling/version.c
+		../darling/src/version.c

 	OBJECTS
 		${security_objects}
@ -220,6 +232,8 @@ add_separated_framework(Security
 		#
 		# kind of difficult because there is a mix of libraries added
 		# through target "Frameworks" and some added as plain flags
+		MobileGestalt
+
 		AppleFSCompression

 		# static Security libraries moved to STRONG_DEPENDENCIES
@ -327,6 +341,7 @@ endif ()

 target_include_directories(Security_obj PRIVATE
 	${CMAKE_CURRENT_SOURCE_DIR}/include
+	${CMAKE_CURRENT_SOURCE_DIR}/include
 )

 include(darling_bundle)
--- a/OSX/libsecurity_apple_csp/lib/HMACSHA1.c
+++ b/OSX/libsecurity_apple_csp/lib/HMACSHA1.c
@ -26,9 +26,15 @@
 #include "cspdebugging.h"

 void
+#ifdef DARLING
+hmacsha1 (const uint8_t *keyPtr, size_t keyLen,
+		  const uint8_t *textPtr, size_t textLen,
+		  uint8_t *resultPtr)
+#else
 hmacsha1 (const void *keyPtr, uint32 keyLen,
 		  const void *textPtr, uint32 textLen,
 		  void *resultPtr)
+#endif
 {
 	CCHmac(kCCHmacAlgSHA1, keyPtr, keyLen,
 		textPtr, textLen, resultPtr);
--- a/OSX/libsecurity_apple_csp/lib/HMACSHA1.h
+++ b/OSX/libsecurity_apple_csp/lib/HMACSHA1.h
@ -38,9 +38,15 @@ extern "C" {
 /* This function create an HMACSHA1 digest of kHMACSHA1DigestSizestSize bytes
 * and outputs it to resultPtr.  See RFC 2104 for details.  */
 void
+#ifdef DARLING
+hmacsha1 (const uint8_t *keyPtr, size_t keyLen,
+		  const uint8_t *textPtr, size_t textLen,
+		  uint8_t *resultPtr);
+#else
 hmacsha1 (const void *keyPtr, uint32 keyLen,
 		  const void *textPtr, uint32 textLen,
 		  void *resultPtr);
+#endif
 		  
 #ifdef	__cplusplus
 }
--- a/OSX/libsecurity_asn1/CMakeLists.txt
+++ b/OSX/libsecurity_asn1/CMakeLists.txt
@ -27,8 +27,6 @@ add_security_library(security_asn1
 		lib/secport.c
 		lib/X509Templates.c
 	INCLUDES
-		${SECURITY_PROJECT_DIR}/header_symlinks/iOS
-
 		# not listed in xcode builds files, but necessary
 		${CMAKE_CURRENT_SOURCE_DIR}/../include
 )
--- a/OSX/libsecurity_cdsa_utilities/CMakeLists.txt
+++ b/OSX/libsecurity_cdsa_utilities/CMakeLists.txt
@ -2,8 +2,8 @@ project(libsecurity_cdsa_utilities)

 add_macos_legacy_lib(security_cdsa_utilities
 	SOURCES
-		../../derived_src/KeySchema.cpp
-		../../derived_src/Schema.cpp
+		../../gen/derived_src/KeySchema.cpp
+		../../gen/derived_src/Schema.cpp
 		lib/acl_any.cpp
 		lib/acl_codesigning.cpp
 		lib/acl_comment.cpp
--- a/OSX/libsecurity_codesigning/CMakeLists.txt
+++ b/OSX/libsecurity_codesigning/CMakeLists.txt
@ -2,6 +2,7 @@ project(libsecurity_codesigning)

 add_macos_legacy_lib(security_codesigning
 	SOURCES
+		../../OSX/utilities/entitlements.c
 		../../sectask/SecTask.c
 		antlr2/src/ANTLRUtil.cpp
 		antlr2/src/ASTFactory.cpp
@ -86,6 +87,7 @@ add_macos_legacy_lib(security_codesigning
 		lib/xpcengine.cpp
 	INCLUDES
 		${SECURITY_PROJECT_DIR}/OSX/libsecurity_codesigning/antlr2
-		${SECURITY_PROJECT_DIR}/derived_src
-		${SECURITY_PROJECT_DIR}/cstemp
+		${SECURITY_PROJECT_DIR}/gen/derived_src
+		${SECURITY_PROJECT_DIR}/gen/cstemp
+		${SECURITY_PROJECT_DIR}/darling/submodules/xnu
 )
--- a/OSX/libsecurity_keychain/CMakeLists.txt
+++ b/OSX/libsecurity_keychain/CMakeLists.txt
@ -25,6 +25,7 @@ add_macos_legacy_lib(security_keychain
 		lib/KCUtilities.cpp
 		lib/Keychains.cpp
 		lib/KeyItem.cpp
+		lib/LegacyAPICounts.m
 		lib/Password.cpp
 		lib/Policies.cpp
 		lib/PolicyCursor.cpp
@ -33,7 +34,6 @@ add_macos_legacy_lib(security_keychain
 		lib/SecACL.cpp
 		lib/SecBase.cpp
 		lib/SecCertificate.cpp
-		lib/SecCertificateBundle.cpp
 		lib/SecCFTypes.cpp
 		lib/SecExport.cpp
 		lib/SecExternalRep.cpp
@ -52,7 +52,6 @@ add_macos_legacy_lib(security_keychain
 		lib/SecItemConstants.c
 		lib/SecKey.cpp
 		lib/SecKeychain.cpp
-		lib/SecKeychainAddIToolsPassword.cpp
 		lib/SecKeychainItem.cpp
 		lib/SecKeychainItemExtendedAttributes.cpp
 		lib/SecKeychainSearch.cpp
--- a/OSX/libsecurity_smime/lib/cert.c
+++ b/OSX/libsecurity_smime/lib/cert.c
@ -43,7 +43,11 @@
 #include <syslog.h>

 /* for errKCDuplicateItem */
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif

 #define CERT_DEBUG	0
 #if	CERT_DEBUG
--- a/OSX/libsecurity_smime/lib/cmscinfo.c
+++ b/OSX/libsecurity_smime/lib/cmscinfo.c
@ -50,7 +50,11 @@
 #include "secitem.h"

 #include <security_asn1/secerr.h>
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif

 /*
 * SecCmsContentInfoCreate - create a content info
--- a/OSX/libsecurity_smime/lib/cmsencode.c
+++ b/OSX/libsecurity_smime/lib/cmsencode.c
@ -47,7 +47,11 @@

 #include <security_asn1/secasn1.h>
 #include <security_asn1/secerr.h>
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif

 struct nss_cms_encoder_output {
    SecCmsContentCallback outputfn;
--- a/OSX/libsecurity_smime/lib/cmspubkey.c
+++ b/OSX/libsecurity_smime/lib/cmspubkey.c
@ -47,7 +47,11 @@
 #include <Security/SecKeyPriv.h>
 #include <Security/SecItemPriv.h>
 #include <Security/Security.h>
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif
 #include <Security/SecCmsBase.h>
 #include <Security/secasn1t.h>
 #include <security_asn1/plarenas.h>
--- a/OSX/libsecurity_smime/lib/cmssiginfo.c
+++ b/OSX/libsecurity_smime/lib/cmssiginfo.c
@ -55,7 +55,11 @@
 #include <utilities/SecCFWrappers.h>
 #include <utilities/debugging.h>
 #include <AssertMacros.h>
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif
 #include <Security/SecPolicyPriv.h>
 #include <Security/SecItem.h>
 #include <libDER/asn1Types.h>
--- a/OSX/libsecurity_smime/lib/cmsutil.c
+++ b/OSX/libsecurity_smime/lib/cmsutil.c
@ -47,7 +47,11 @@
 #include <security_asn1/secerr.h>
 #include <Security/cssmapi.h>
 #include <Security/cssmapple.h>
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif
 #include <CommonCrypto/CommonDigest.h>


--- a/OSX/libsecurity_smime/lib/tsaSupport.c
+++ b/OSX/libsecurity_smime/lib/tsaSupport.c
@ -31,7 +31,11 @@
 */

 #include <security_utilities/debugging.h>
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif

 #include <Security/SecCmsDecoder.h>
 #include <Security/SecCmsMessage.h>
--- a/OSX/libsecurity_utilities/CMakeLists.txt
+++ b/OSX/libsecurity_utilities/CMakeLists.txt
@ -57,9 +57,9 @@ add_macos_legacy_lib(security_utilities
 		${CMAKE_CURRENT_BINARY_DIR}/lib/mach_notifyServer.c
 	INCLUDES
 		${SECURITY_PROJECT_DIR}/OSX/libsecurity_cssm/lib
-		${SECURITY_PROJECT_DIR}/header_symlinks/iOS
-		${SECURITY_PROJECT_DIR}/header_symlinks/macOS
-		${SECURITY_PROJECT_DIR}/header_symlinks/Security
+		${SECURITY_PROJECT_DIR}/darling/include/iOS
+		${SECURITY_PROJECT_DIR}/darling/include/macOS
+		${SECURITY_PROJECT_DIR}/darling/include/Security
 		${SECURITY_PROJECT_DIR}/OSX/include
 		${SECURITY_PROJECT_DIR}
 		${SECURITY_PROJECT_DIR}/OSX/libsecurity_apple_csp/open_ssl
--- a/OSX/sec/Security/CMakeLists.txt
+++ b/OSX/sec/Security/CMakeLists.txt
@ -92,6 +92,11 @@ add_lib_ios_shim(SecTrustOSX
 		SecTrustStore.c
 )

+add_darling_object_library(SecItemShimOSX_64bit_only
+	64BIT_ONLY
+	SecItemRateLimit.m
+)
+
 add_lib_ios_shim(SecItemShimOSX
 	SOURCES
 		../../../keychain/SecureObjectSync/SOSCloudCircle.m
@ -107,12 +112,15 @@ add_lib_ios_shim(SecItemShimOSX
 		SecItem.m
 		SecItemBackup.c
 		SecItemConstants.c
+		# SecItemRateLimit.m
 		SecKey.m
 		SecKeyAdaptors.m
 		SecKeyProxy.m
 		SecPasswordGenerate.c
 		SecRSAKey.c
 		SecuritydXPC.c
+
+		$<TARGET_OBJECTS:SecItemShimOSX_64bit_only>
 )

 add_lib_ios(logging
--- a/OSX/sec/Security/SecItem.c
+++ b/OSX/sec/Security/SecItem.c
@ -1716,13 +1716,17 @@ out:
 }

 static void countReadOnlyAPICall() {
+    #if !defined(DARLING) || defined(__OBJC2__)
    if (!isReadOnlyAPIRateWithinLimits()) {
    }
+    #endif
 }

 static void countModifyingAPICall() {
+    #if !defined(DARLING) || defined(__OBJC2__)
    if (!isModifyingAPIRateWithinLimits()) {
    }
+    #endif
 }

 OSStatus SecItemAdd(CFDictionaryRef attributes, CFTypeRef *result) {
--- a/OSX/sec/Security/SecSharedCredential.m
+++ b/OSX/sec/Security/SecSharedCredential.m
@ -33,6 +33,9 @@

 #import <Foundation/Foundation.h>
 #import <AuthenticationServices/AuthenticationServices.h>
+#ifdef DARLING
+#import <AppKit/NSApplication.h>
+#endif

 // Forward declaration of the primary function implemented in this file
 OSStatus SecCopySharedWebCredentialSyncUsingAuthSvcs(CFStringRef fqdn, CFStringRef account, CFArrayRef *credentials, CFErrorRef *error);
--- a/OSX/utilities/CMakeLists.txt
+++ b/OSX/utilities/CMakeLists.txt
@ -18,8 +18,8 @@ add_security_library(utilities
 		der_dictionary.c
 		der_null.c
 		der_number.c
-		der_plist_internal.c
 		der_plist.c
+		der_plist_internal.c
 		der_set.c
 		der_string.c
 		fileIo.c
@ -27,9 +27,7 @@ add_security_library(utilities
 		iOSforOSX-SecAttr.c
 		iOSforOSX-SecRandom.c
 		NSURL+SOSPlistStore.m
-		sec_action.c
 		SecABC.m
-		SecADWrapper.c
 		SecAKSWrappers.c
 		SecAppleAnchor.c
 		SecAutorelease.m
@ -43,9 +41,12 @@ add_security_library(utilities
 		SecNSAdditions.m
 		SecPLWrappers.m
 		SecSCTUtils.c
+		# SecTapToRadar.m
 		SecTrace.c
 		SecXPCError.c
 		SecXPCHelper.m
+		SecXPCUtils.m
+		sec_action.c
 		simulate_crash.m

 		$<TARGET_OBJECTS:utilities_x86_64>
--- a/OSX/utilities/SecKnownFilePaths.m
+++ b/OSX/utilities/SecKnownFilePaths.m
@ -2,6 +2,9 @@
 #import <Foundation/Foundation.h>
 #import "SecKnownFilePaths.h"
 #import "OSX/utilities/SecCFRelease.h"
+#ifdef DARLING
+#import <CoreFoundation/CFPriv.h>
+#endif

 // This file is separate from SecFileLocation.c because it has a global variable.
 // We need exactly one of those per address space, so it needs to live in the Security framework.
--- a/Security.exp-in
+++ b/Security.exp-in
@ -2188,3 +2188,10 @@ _SecCopyBaseFilesURL

 _SecSetCustomHomeURL
 _SecSetCustomHomeURLString
+
+#ifdef DARLING
+// Apple stopped exporting these (I guess they replaced them in their updated CFNetwork source),
+// but we still need them for our CFNetwork
+_cuDec64
+_cuEnc64
+#endif
--- a/SecurityTool/macOS/CMakeLists.txt
+++ b/SecurityTool/macOS/CMakeLists.txt
@ -51,7 +51,7 @@ target_compile_options(securitytool_macos PRIVATE
 	-fobjc-arc
 )
 target_include_directories(securitytool_macos PRIVATE
-	${SECURITY_PROJECT_DIR}/header_symlinks/macOS
+	${SECURITY_PROJECT_DIR}/darling/include/macOS
 )

 set_target_properties(securitytool_macos PROPERTIES OUTPUT_NAME "security")
--- a/SecurityTool/macOS/cmsutil.c
+++ b/SecurityTool/macOS/cmsutil.c
@ -63,7 +63,11 @@
 #include <Security/SecIdentity.h>
 #include <Security/SecIdentitySearch.h>
 #include <CoreFoundation/CFString.h>
+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif
 #include <utilities/SecCFRelease.h>

 #include <stdio.h>
--- a/SecurityTool/macOS/createFVMaster.c
+++ b/SecurityTool/macOS/createFVMaster.c
@ -45,7 +45,11 @@

 #include "srCdsaUtils.h"

+#ifdef DARLING
+#include <CarbonCore/MacErrors.h>
+#else
 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#endif

 const char * const _masterKeychainName = "FileVaultMaster.keychain";
 const char * const _masterKeychainPath = "./FileVaultMaster";
--- a/keychain/ot/OTClique.h
+++ b/keychain/ot/OTClique.h
@ -25,15 +25,8 @@
 #ifndef OTClique_h
 #define OTClique_h

-#if __OBJC2__
-
-#import <Foundation/Foundation.h>
-#import <Security/SecureObjectSync/SOSCloudCircleInternal.h>
-#import <Security/SecureObjectSync/SOSPeerInfo.h>
-#import <Security/SecureObjectSync/SOSTypes.h>
-#import <Security/OTConstants.h>
-#import <Security/SecRecoveryKey.h>
-
+#if defined(DARLING)
+// Relocate CliqueStatus and OTCDPStatus
 typedef NS_ENUM(NSInteger, CliqueStatus) {
    CliqueStatusIn         = 0, /*There is a clique and I am in it*/
    CliqueStatusNotIn      = 1, /*There is a clique and I am not in it - you should get a voucher to join or tell another peer to trust us*/
@ -48,6 +41,33 @@ typedef NS_ENUM(NSInteger, OTCDPStatus) {
    OTCDPStatusDisabled = 1,
    OTCDPStatusEnabled = 2,
 };
+#endif
+
+#if __OBJC2__
+
+#import <Foundation/Foundation.h>
+#import <Security/SecureObjectSync/SOSCloudCircleInternal.h>
+#import <Security/SecureObjectSync/SOSPeerInfo.h>
+#import <Security/SecureObjectSync/SOSTypes.h>
+#import <Security/OTConstants.h>
+#import <Security/SecRecoveryKey.h>
+
+#ifndef DARLING
+typedef NS_ENUM(NSInteger, CliqueStatus) {
+    CliqueStatusIn         = 0, /*There is a clique and I am in it*/
+    CliqueStatusNotIn      = 1, /*There is a clique and I am not in it - you should get a voucher to join or tell another peer to trust us*/
+    CliqueStatusPending    = 2, /*For compatibility, keeping the pending state */
+    CliqueStatusAbsent     = 3, /*There is no clique - you can establish one */
+    CliqueStatusNoCloudKitAccount = 4, /* no cloudkit account present */
+    CliqueStatusError      = -1 /*unable to determine circle status, inspect CFError to find out why */
+};
+
+typedef NS_ENUM(NSInteger, OTCDPStatus) {
+    OTCDPStatusUnknown = 0,
+    OTCDPStatusDisabled = 1,
+    OTCDPStatusEnabled = 2,
+};
+#endif

 NS_ASSUME_NONNULL_BEGIN

--- a/securityd/CMakeLists.txt
+++ b/securityd/CMakeLists.txt
@ -1,8 +1,8 @@
 add_subdirectory(securityd_service)

 include_directories(
+	../keychain/KeychainStasher/
 	../OSX/libsecurityd/lib
-	../OSX/include
 	${CMAKE_CURRENT_BINARY_DIR}/../OSX/libsecurityd/mig
 	${CMAKE_CURRENT_SOURCE_DIR}/src
 )
@ -32,11 +32,11 @@ add_darling_executable(securityd_exe
 	src/kcdatabase.cpp
 	src/kckey.cpp
 	src/key.cpp
+	src/keychainstasherinterface.m
 	src/localdatabase.cpp
 	src/localkey.cpp
 	src/main.cpp
 	src/notifications.cpp
-	src/pcscmonitor.cpp
 	src/process.cpp
 	src/reader.cpp
 	src/server.cpp
@ -58,7 +58,7 @@ add_darling_executable(securityd_exe
 	${CMAKE_CURRENT_BINARY_DIR}/mig/selfUser.cpp
 )
 target_include_directories(securityd_exe PRIVATE
-	${SECURITY_PROJECT_DIR}/header_symlinks/macOS
+	${SECURITY_PROJECT_DIR}/darling/include/macOS
 	${SECURITY_PROJECT_DIR}/securityd
 	${SECURITY_PROJECT_DIR}/OSX/include

@ -91,6 +91,7 @@ target_link_libraries(securityd_exe
 	PCSC
 	Security
 	system
+	DER
 	CoreFoundation
 	IOKit
 )
--- a/trust/trustd/CMakeLists.txt
+++ b/trust/trustd/CMakeLists.txt
@ -8,6 +8,8 @@ add_lib_ios_shim(libtrustd
 	OUTPUT_NAME "trustd"
 	MODERN_OBJC
 	SOURCES
+		CertificateTransparency.m
+		md.m
 		nameconstraints.c
 		OTATrustUtilities.m
 		personalization.c
@ -16,22 +18,24 @@ add_lib_ios_shim(libtrustd
 		SecCAIssuerRequest.m
 		SecCertificateServer.c
 		SecCertificateSource.c
-		SecTrustExceptionResetCount.m
 		SecOCSPCache.c
 		SecOCSPRequest.c
-		trustd_spi.c
-		SecRevocationNetworking.m
-		SecTrustStoreServer.m
 		SecOCSPResponse.c
 		SecPinningDb.m
 		SecPolicyServer.c
 		SecRevocationDb.c
+		SecRevocationNetworking.m
 		SecRevocationServer.c
-		md.m
+		SecTrustExceptionResetCount.m
 		SecTrustLoggingServer.m
-		TrustURLSessionDelegate.m
 		SecTrustServer.c
 		SecTrustStoreServer.c
+		SecTrustStoreServer.m
+		trustd_spi.c
+		trustdFileLocations.m
+		TrustURLSessionCache.m
+		TrustURLSessionDelegate.m
+
 		../../OSX/sec/Security/SecuritydXPC.c
 	DEFINITIONS
 		LIBTRUSTD=1
--- a/trust/trustd/SecTrustLoggingServer.h
+++ b/trust/trustd/SecTrustLoggingServer.h
@ -30,4 +30,53 @@

 void DisableLocalization(void);

+#ifdef DARLING
+#include <xpc/xpc.h>
+#include <CoreFoundation/CoreFoundation.h>
+
+// i have a sneaking suspicion that Apple neutered this file and that this is where
+// `TrustdHealthAnalyticsLogErrorCodeForDatabase` *should* be defined,
+// so that's what i'll do:
+void TrustdHealthAnalyticsLogErrorCodeForDatabase(int location, int operation, int error_type, int error_code);
+// note that i'm not entirely sure about that last parameter type
+// and those other parameters are dependent on the types of the following definitions
+
+// this is also probably where these were supposed to be defined:
+
+enum /* location */ {
+	TACAIssuerCache,
+	TAOCSPCache,
+	TARevocationDb,
+	TATrustStore,
+};
+
+enum /* operation */ {
+	TAOperationRead,
+	TAOperationWrite,
+	TAOperationCreate,
+	TAOperationOpen,
+};
+
+enum /* error type (?) */ {
+	TAFatalError,
+	TARecoverableError,
+};
+
+// i'm guessing this is also where this belongs:
+bool SecNetworkingAnalyticsReport(CFStringRef event_name, xpc_object_t tls_analytics_attributes, CFErrorRef *error);
+
+// same with this:
+void TrustdHealthAnalyticsLogErrorCode(int event, int error_type, int error_code);
+
+enum /* event */ {
+	TAEventValidUpdate,
+};
+
+// same here:
+void TrustdHealthAnalyticsLogEvaluationCompleted();
+
+// and you guessed it, same here:
+void TrustdHealthAnalyticsLogSuccess(int event);
+#endif // DARLING
+
 #endif /* _SECURITY_SECTRUSTLOGGINGSERVER_H_ */
--- a/trust/trustd/SecTrustLoggingServer.m
+++ b/trust/trustd/SecTrustLoggingServer.m
@ -27,3 +27,29 @@
 #include <AssertMacros.h>
 #include "SecTrustLoggingServer.h"

+
+#ifdef DARLING
+
+void TrustdHealthAnalyticsLogErrorCodeForDatabase(int location, int operation, int error_type, int error_code) {
+	// a stub
+};
+
+bool SecNetworkingAnalyticsReport(CFStringRef event_name, xpc_object_t tls_analytics_attributes, CFErrorRef *error) {
+	// another stub
+	return true;
+};
+
+void TrustdHealthAnalyticsLogErrorCode(int event, int error_type, int error_code) {
+	// yet another stub
+};
+
+void TrustdHealthAnalyticsLogEvaluationCompleted() {
+	// YAYAS
+	// (yet another "yet another stub")
+};
+
+void TrustdHealthAnalyticsLogSuccess(int event) {
+	// man, Apple really likes to log and analyze stuff, huh?
+};
+
+#endif