diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index be4e0b84049..f0e77d29172 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -107,7 +107,7 @@ jobs: # see TODOs here: https://github.com/randombit/botan/pull/3007 - compiler: gcc - runs-on: macos-latest + runs-on: macos-12 steps: - uses: actions/checkout@v3 @@ -142,7 +142,7 @@ jobs: host_os: ubuntu-22.04 - target: emscripten compiler: emcc - host_os: macos-latest + host_os: macos-12 - target: baremetal compiler: gcc host_os: ubuntu-22.04 @@ -221,7 +221,7 @@ jobs: host_os: ubuntu-22.04 - target: cross-ios-arm64 compiler: clang - host_os: macos-latest + host_os: macos-12 runs-on: ${{ matrix.host_os }} diff --git a/src/lib/x509/certstor_system_macos/certstor_macos.cpp b/src/lib/x509/certstor_system_macos/certstor_macos.cpp index 0dae4822c0d..8c62c45ed1c 100644 --- a/src/lib/x509/certstor_system_macos/certstor_macos.cpp +++ b/src/lib/x509/certstor_system_macos/certstor_macos.cpp @@ -266,10 +266,16 @@ class Certificate_Store_MacOS_Impl m_system_chain(nullptr), m_keychains(nullptr) { +BOTAN_DIAGNOSTIC_PUSH +BOTAN_DIAGNOSTIC_IGNORE_DEPRECATED + // macOS 12.0 deprecates 'Custom keychain management', though the API still works. + // Ideas for a replacement can be found in the discussion of GH #3122: + // https://github.com/randombit/botan/pull/3122 check_success(SecKeychainOpen(system_roots, &m_system_roots.get()), "open system root certificates"); check_success(SecKeychainOpen(system_keychain, &m_system_chain.get()), "open system keychain"); +BOTAN_DIAGNOSTIC_POP check_notnull(m_system_roots, "open system root certificate chain"); check_notnull(m_system_chain, "open system certificate chain");