diff options
| author | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2021-03-19 15:23:03 +0900 |
|---|---|---|
| committer | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2021-03-19 15:23:03 +0900 |
| commit | 4ea96f1d4f8a50c204c4367c994cdbf12cd97b64 (patch) | |
| tree | 2a62d8197c6ab29b376ebad61ce7f9a852d37c9a | |
| parent | a85ed626f18d1014d09fb37eb0a703976c3d2b53 (diff) | |
| download | ruby-4ea96f1d4f8a50c204c4367c994cdbf12cd97b64.tar.gz | |
Use CommonRandom if available
| -rw-r--r-- | configure.ac | 3 | ||||
| -rw-r--r-- | random.c | 21 |
2 files changed, 20 insertions, 4 deletions
diff --git a/configure.ac b/configure.ac index 0110896e4a..83eee92e94 100644 --- a/configure.ac +++ b/configure.ac @@ -3634,7 +3634,8 @@ AS_CASE(["$target_os"], RUBY_APPEND_OPTION(CFLAGS, -pipe) AC_COMPILE_IFELSE([ AC_LANG_BOOL_COMPILE_TRY([@%:@include <AvailabilityMacros.h>], - [MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7])], + [MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7 && + MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_10])], [dnl RUBY_APPEND_OPTION(XLDFLAGS, [-framework Security]) RUBY_APPEND_OPTION(LIBRUBYARG_STATIC, [-framework Security]) @@ -495,21 +495,36 @@ fill_random_bytes_urandom(void *seed, size_t size) #if 0 #elif defined MAC_OS_X_VERSION_10_7 && MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7 -#include <Security/SecRandom.h> + +# if defined MAC_OS_X_VERSION_10_10 && MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_10 +# include <CommonCrypto/CommonRandom.h> +# define USE_COMMON_RANDOM 1 +# else +# include <Security/SecRandom.h> +# define USE_COMMON_RANDOM 0 +# endif static int fill_random_bytes_syscall(void *seed, size_t size, int unused) { - int status = SecRandomCopyBytes(kSecRandomDefault, size, seed); +#if USE_COMMON_RANDOM + int failed = CCRandomGenerateBytes(seed, size) != kCCSuccess; +#else + int failed = SecRandomCopyBytes(kSecRandomDefault, size, seed) != errSecSuccess; +#endif - if (status != errSecSuccess) { + if (failed) { # if 0 +# if USE_COMMON_RANDOM + /* How to get the error message? */ +# else CFStringRef s = SecCopyErrorMessageString(status, NULL); const char *m = s ? CFStringGetCStringPtr(s, kCFStringEncodingUTF8) : NULL; fprintf(stderr, "SecRandomCopyBytes failed: %d: %s\n", status, m ? m : "unknown"); if (s) CFRelease(s); # endif +# endif return -1; } return 0; |