Opened 22 months ago
Last modified 3 weeks ago
#66749 new enhancement
Add SecTrustEvaluateWithError to allow Go binaries built with 1.19+ to run on older systems
Reported by: | krackers | Owned by: | |
---|---|---|---|
Priority: | Normal | Milestone: | |
Component: | ports | Version: | |
Keywords: | Cc: | cjones051073 (Chris Jones), kencu (Ken), RobK88 | |
Port: | legacy-support |
Description
Since the change https://go-review.googlesource.com/c/go/+/353132 Go now calls into libSecurity's SecTrustEvaluateWithError for certificate validation. As a result, even with a legacySupport dylib injected to shim the missing libc functions Go needs, because SecTrustEvaluateWithError is present only on 10.14+, binaries will still refuse to run on older versions.
Older versions do have a SecTrustEvaluate which does the same validation but returns its output in a slightly different format. Hence it should not be too hard to write a wrapper.
This would also resolve https://trac.macports.org/ticket/65178
Change History (4)
comment:1 Changed 22 months ago by jmroot (Joshua Root)
Cc: | cjones051073 kencu added |
---|
comment:3 Changed 14 months ago by RobK88
Cc: | RobK88 added |
---|
Note: See
TracTickets for help on using
tickets.
I think something like the below should work.
This may not work for any application that does logic based on the actual error code (I briefly looked and it seemed tricky to get this via private APIs). But for go at least, this should work.