From 419e726ce0cd58277644050ed41c63dc29a80274 Mon Sep 17 00:00:00 2001
From: Nirbheek Chauhan <nirbheek@centricular.com>
Date: Thu, 29 Dec 2022 08:07:20 +0530
Subject: [PATCH] Don't try to use keychain CA certificates on iOS

SecTrustCopyAnchorCertificates is not available on iOS as certificate
data for system-trusted roots is currently unavailable there.
---
 tls/openssl/gtlsdatabase-openssl.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/tls/openssl/gtlsdatabase-openssl.c b/tls/openssl/gtlsdatabase-openssl.c
index e7a7ef9..1c7df2a 100644
--- a/tls/openssl/gtlsdatabase-openssl.c
+++ b/tls/openssl/gtlsdatabase-openssl.c
@@ -31,8 +31,14 @@
 #include <glib/gi18n-lib.h>
 #include "openssl-include.h"
 
+/*
+ * SecTrustCopyAnchorCertificates is only available on macOS, so we check for
+ * SEC_OS_OSX: https://github.com/Apple-FOSS-Mirror/Security/blob/master/base/SecBase.h
+ */
 #ifdef __APPLE__
 #include <Security/Security.h>
+#else
+#define SEC_OS_OSX 0
 #endif
 
 #ifdef G_OS_WIN32
@@ -151,7 +157,7 @@ g_tls_database_openssl_verify_chain (GTlsDatabase             *database,
   return result;
 }
 
-#ifdef __APPLE__
+#if SEC_OS_OSX
 static gboolean
 populate_store (X509_STORE  *store,
                 GError     **error)
-- 
2.38.1