[MacPorts] #66749: Add SecTrustEvaluateWithError to allow Go binaries built with 1.19+ to run on older systems

MacPorts noreply at macports.org
Thu Feb 9 00:03:55 UTC 2023


#66749: Add SecTrustEvaluateWithError to allow Go binaries built with 1.19+ to run
on older systems
-----------------------------+--------------------
  Reporter:  krackers        |      Owner:  (none)
      Type:  enhancement     |     Status:  new
  Priority:  Normal          |  Milestone:
 Component:  ports           |    Version:
Resolution:                  |   Keywords:
      Port:  legacy-support  |
-----------------------------+--------------------

Comment (by krackers):

 I think something like the below should work.

 {{{
 #include <stdbool.h>
 #include <CoreFoundation/CoreFoundation.h>
 #include <Security/Security.h>

 /* Map a trust result to a short description; used below as the CFError domain. */
 CFStringRef getStringForResultType(SecTrustResultType resultType) {
         switch (resultType) {
                 case kSecTrustResultInvalid: return CFSTR("Error evaluating certificate");
                 case kSecTrustResultDeny: return CFSTR("User specified to deny trust");
                 case kSecTrustResultUnspecified: return CFSTR("Rejected Certificate");
                 case kSecTrustResultRecoverableTrustFailure: return CFSTR("Rejected Certificate");
                 case kSecTrustResultFatalTrustFailure: return CFSTR("Bad Certificate");
                 case kSecTrustResultOtherError: return CFSTR("Error evaluating certificate");
                 case kSecTrustResultProceed: return CFSTR("Proceed");
                 default: return CFSTR("Unknown");
         }
         return CFSTR("Unknown");
 }

 /* Stand-in for SecTrustEvaluateWithError built on the older SecTrustEvaluate. */
 bool CustomSecTrustEvaluateWithError(SecTrustRef trust, CFErrorRef *error) {
         SecTrustResultType trustResult = kSecTrustResultInvalid;
         OSStatus status = SecTrustEvaluate(trust, &trustResult);
         /* Proceed and Unspecified are the two results that mean "trusted". */
         if (status == errSecSuccess && (trustResult == kSecTrustResultProceed || trustResult == kSecTrustResultUnspecified)) {
                 if (error) {
                         *error = NULL;
                 }
                 return true;
         }
         /* The error out-parameter is optional: only write through it when the
            caller supplied one. The caller owns (and must release) the CFError. */
         if (error) {
                 *error = CFErrorCreate(kCFAllocatorDefault, getStringForResultType(trustResult), 0, NULL);
         }
         return false;
 }
 }}}

 This may not work for any application that does logic based on the actual
 error code (I briefly looked and it seemed tricky to get this via private
 APIs). But for Go at least, this should work.

-- 
Ticket URL: <https://trac.macports.org/ticket/66749#comment:2>
MacPorts <https://www.macports.org/>
Ports system for macOS

