diff --git a/docs/workflow/requirements/macos-requirements.md b/docs/workflow/requirements/macos-requirements.md
index 67e7840a64d1be..cd1aed4b8f142b 100644
--- a/docs/workflow/requirements/macos-requirements.md
+++ b/docs/workflow/requirements/macos-requirements.md
@@ -18,7 +18,6 @@ To build the runtime repo, you will also need to install the following dependenc
- `CMake` 3.20 or newer
- `icu4c`
-- `openssl@1.1` or `openssl@3`
- `pkg-config`
- `python3`
- `ninja` (This one is optional. It is an alternative tool to `make` for building native code)
diff --git a/eng/native/build-commons.sh b/eng/native/build-commons.sh
index 2bc1faf27e7fd2..a3bdc2ac190eec 100755
--- a/eng/native/build-commons.sh
+++ b/eng/native/build-commons.sh
@@ -70,7 +70,7 @@ build_native()
# Let users provide additional compiler/linker flags via EXTRA_CFLAGS/EXTRA_CXXFLAGS/EXTRA_LDFLAGS.
# If users directly override CFLAG/CXXFLAGS/LDFLAGS, that may lead to some configure tests working incorrectly.
# See https://github.com/dotnet/runtime/issues/35727 for more information.
- #
+ #
# These flags MUST be exported before gen-buildsys.sh runs or cmake will ignore them
#
export CFLAGS="${CFLAGS} ${EXTRA_CFLAGS}"
@@ -547,6 +547,9 @@ elif [[ "$__TargetOS" == ios || "$__TargetOS" == iossimulator ]]; then
elif [[ "$__TargetOS" == tvos || "$__TargetOS" == tvossimulator ]]; then
# nothing to do here
true
+elif [[ "$__TargetOS" == osx || "$__TargetOS" == maccatalyst ]]; then
+ # nothing to do here
+ true
elif [[ "$__TargetOS" == android ]]; then
# nothing to do here
true
diff --git a/src/coreclr/nativeaot/BuildIntegration/Microsoft.NETCore.Native.Unix.targets b/src/coreclr/nativeaot/BuildIntegration/Microsoft.NETCore.Native.Unix.targets
index 4e5b53a938b85a..b655d3879ac449 100644
--- a/src/coreclr/nativeaot/BuildIntegration/Microsoft.NETCore.Native.Unix.targets
+++ b/src/coreclr/nativeaot/BuildIntegration/Microsoft.NETCore.Native.Unix.targets
@@ -141,8 +141,8 @@ The .NET Foundation licenses this file to you under the MIT license.
-
-
+
+
diff --git a/src/native/corehost/apphost/static/CMakeLists.txt b/src/native/corehost/apphost/static/CMakeLists.txt
index 30118f679da387..7d7d975d4bd58d 100644
--- a/src/native/corehost/apphost/static/CMakeLists.txt
+++ b/src/native/corehost/apphost/static/CMakeLists.txt
@@ -166,10 +166,11 @@ else()
)
if(NOT CLR_CMAKE_TARGET_ANDROID)
- list(APPEND NATIVE_LIBS
- System.Net.Security.Native-Static
- System.Security.Cryptography.Native.OpenSsl-Static
- )
+ list(APPEND NATIVE_LIBS System.Net.Security.Native-Static)
+
+ if(NOT CLR_CMAKE_TARGET_APPLE)
+ list(APPEND NATIVE_LIBS System.Security.Cryptography.Native.OpenSsl-Static)
+ endif()
else()
list(APPEND NATIVE_LIBS
System.Security.Cryptography.Native.Android-Static
@@ -204,7 +205,7 @@ else()
include(${CLR_SRC_NATIVE_DIR}/libs/System.Native/extra_libs.cmake)
append_extra_system_libs(NATIVE_LIBS)
- if(NOT CLR_CMAKE_TARGET_MACCATALYST AND NOT CLR_CMAKE_TARGET_IOS AND NOT CLR_CMAKE_TARGET_TVOS AND NOT CLR_CMAKE_TARGET_ANDROID AND NOT CLR_CMAKE_TARGET_BROWSER)
+ if(NOT CLR_CMAKE_TARGET_APPLE AND NOT CLR_CMAKE_TARGET_ANDROID AND NOT CLR_CMAKE_TARGET_BROWSER)
# Additional requirements for System.Security.Cryptography.Native.OpenSsl
include(${CLR_SRC_NATIVE_DIR}/libs/System.Security.Cryptography.Native/extra_libs.cmake)
append_extra_cryptography_libs(NATIVE_LIBS)
diff --git a/src/native/corehost/build.sh b/src/native/corehost/build.sh
index b7df4cc8212148..63c3b6d996e4a7 100755
--- a/src/native/corehost/build.sh
+++ b/src/native/corehost/build.sh
@@ -60,7 +60,10 @@ __IntermediatesDir="$__RootBinDir/obj/$__TargetRid.$__BuildType"
export __BinDir __IntermediatesDir __RuntimeFlavor
__CMakeArgs="-DCLI_CMAKE_PKG_RID=\"$__TargetRid\" -DCLI_CMAKE_FALLBACK_OS=\"$__HostFallbackOS\" -DCLI_CMAKE_COMMIT_HASH=\"$__commit_hash\" $__CMakeArgs"
-__CMakeArgs="-DFEATURE_DISTRO_AGNOSTIC_SSL=$__PortableBuild $__CMakeArgs"
+
+if [[ "$__TargetOS" != osx ]]; then
+ __CMakeArgs="-DFEATURE_DISTRO_AGNOSTIC_SSL=$__PortableBuild $__CMakeArgs"
+fi
# Specify path to be set for CMAKE_INSTALL_PREFIX.
# This is where all built CoreClr libraries will copied to.
diff --git a/src/native/corehost/hostpolicy/hostpolicy_context.cpp b/src/native/corehost/hostpolicy/hostpolicy_context.cpp
index b562d0e09ae408..9c0c7c0468d5cb 100644
--- a/src/native/corehost/hostpolicy/hostpolicy_context.cpp
+++ b/src/native/corehost/hostpolicy/hostpolicy_context.cpp
@@ -70,11 +70,13 @@ namespace
return SystemResolveDllImport(entry_point_name);
}
+#if !defined(TARGET_OSX)
if (strcmp(library_name, LIB_NAME("System.Security.Cryptography.Native.OpenSsl")) == 0)
{
return CryptoResolveDllImport(entry_point_name);
}
-#endif
+#endif // !defined(TARGET_OSX)
+#endif // !defined(_WIN32)
if (strcmp(library_name, LIB_NAME("System.IO.Compression.Native")) == 0)
{
diff --git a/src/native/libs/CMakeLists.txt b/src/native/libs/CMakeLists.txt
index c90e9b8a45ddc5..cf8b2b47fbd67b 100644
--- a/src/native/libs/CMakeLists.txt
+++ b/src/native/libs/CMakeLists.txt
@@ -150,18 +150,12 @@ if (CLR_CMAKE_TARGET_UNIX OR CLR_CMAKE_TARGET_BROWSER OR CLR_CMAKE_TARGET_WASI)
if (CLR_CMAKE_TARGET_BROWSER OR CLR_CMAKE_TARGET_WASI)
# skip for now
- elseif (CLR_CMAKE_TARGET_MACCATALYST)
- add_subdirectory(System.Net.Security.Native)
- # System.Security.Cryptography.Native is intentionally disabled on iOS
- # it is only used for interacting with OpenSSL which isn't useful there
- elseif (CLR_CMAKE_TARGET_IOS)
- add_subdirectory(System.Net.Security.Native)
- # System.Security.Cryptography.Native is intentionally disabled on iOS
- # it is only used for interacting with OpenSSL which isn't useful there
- elseif (CLR_CMAKE_TARGET_TVOS)
- #add_subdirectory(System.Net.Security.Native) # no gssapi on tvOS, see https://developer.apple.com/documentation/gss
- # System.Security.Cryptography.Native is intentionally disabled on tvOS
- # it is only used for interacting with OpenSSL which isn't useful there
+ elseif (CLR_CMAKE_TARGET_APPLE)
+ if (NOT CLR_CMAKE_TARGET_TVOS) # no gssapi on tvOS, see https://developer.apple.com/documentation/gss
+ add_subdirectory(System.Net.Security.Native)
+ endif ()
+
+ add_subdirectory(System.Security.Cryptography.Native.Apple)
elseif (CLR_CMAKE_TARGET_ANDROID AND NOT FORCE_ANDROID_OPENSSL)
add_subdirectory(System.Security.Cryptography.Native.Android)
elseif (FORCE_ANDROID_OPENSSL)
@@ -170,8 +164,4 @@ if (CLR_CMAKE_TARGET_UNIX OR CLR_CMAKE_TARGET_BROWSER OR CLR_CMAKE_TARGET_WASI)
add_subdirectory(System.Net.Security.Native)
add_subdirectory(System.Security.Cryptography.Native)
endif ()
-
- if (CLR_CMAKE_TARGET_APPLE)
- add_subdirectory(System.Security.Cryptography.Native.Apple)
- endif ()
endif ()
diff --git a/src/native/libs/System.Security.Cryptography.Native/CMakeLists.txt b/src/native/libs/System.Security.Cryptography.Native/CMakeLists.txt
index ec0ad0fc7dbea8..c875413edd321e 100644
--- a/src/native/libs/System.Security.Cryptography.Native/CMakeLists.txt
+++ b/src/native/libs/System.Security.Cryptography.Native/CMakeLists.txt
@@ -68,18 +68,6 @@ if (LOCAL_BUILD)
${CMAKE_CURRENT_BINARY_DIR}/pal_config.h)
endif()
-
-# Always build portable on macOS because OpenSSL is not a system component
-# and our prebuilts should not assume a specific ABI version for the types
-# that use OpenSSL at runtime.
-if (CLR_CMAKE_TARGET_OSX OR CLR_CMAKE_TARGET_MACCATALYST)
- set(FEATURE_DISTRO_AGNOSTIC_SSL True)
-
- # by default uninitialized variables like the shim _ptr functions, will turn into common symbols
- # and on OSX those have linking problems in libraries (ELF vs. Mach-O difference)
- add_compile_options(-fno-common)
-endif()
-
if (FEATURE_DISTRO_AGNOSTIC_SSL)
list(APPEND NATIVECRYPTO_SOURCES
opensslshim.c
@@ -125,16 +113,14 @@ if (GEN_SHARED_LIB)
endif()
endif()
- if (NOT CLR_CMAKE_TARGET_MACCATALYST AND NOT CLR_CMAKE_TARGET_IOS AND NOT CLR_CMAKE_TARGET_TVOS AND NOT CLR_CMAKE_TARGET_ANDROID)
- add_custom_command(TARGET System.Security.Cryptography.Native.OpenSsl POST_BUILD
- COMMENT "Verifying System.Security.Cryptography.Native.OpenSsl entry points against entrypoints.c "
- COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/../verify-entrypoints.sh
- $
- ${CMAKE_CURRENT_SOURCE_DIR}/entrypoints.c
- ${CMAKE_NM}
- VERBATIM
- )
- endif()
+ add_custom_command(TARGET System.Security.Cryptography.Native.OpenSsl POST_BUILD
+ COMMENT "Verifying System.Security.Cryptography.Native.OpenSsl entry points against entrypoints.c "
+ COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/../verify-entrypoints.sh
+ $
+ ${CMAKE_CURRENT_SOURCE_DIR}/entrypoints.c
+ ${CMAKE_NM}
+ VERBATIM
+ )
target_link_libraries(System.Security.Cryptography.Native.OpenSsl
PRIVATE
diff --git a/src/native/libs/build-native.sh b/src/native/libs/build-native.sh
index 5169732c2d641b..5055b05839de15 100755
--- a/src/native/libs/build-native.sh
+++ b/src/native/libs/build-native.sh
@@ -83,6 +83,9 @@ elif [[ "$__TargetOS" == ios || "$__TargetOS" == iossimulator ]]; then
elif [[ "$__TargetOS" == tvos || "$__TargetOS" == tvossimulator ]]; then
# nothing to do here
true
+elif [[ "$__TargetOS" == osx || "$__TargetOS" == maccatalyst ]]; then
+ # nothing to do here
+ true
elif [[ "$__TargetOS" == android && -z "$ROOTFS_DIR" ]]; then
# nothing to do here
true