From: David CARLIER Date: Sun, 28 May 2023 14:36:46 +0000 (+0100) Subject: Random: prioritise CCRandomGenerateBytes over getentropy on macOs. X-Git-Url: http://www.kaiwu.me/postgresql/commit/static/gitweb.js?a=commitdiff_plain;h=7cead79e996fa5ad5159254956ca05f05a06644a;p=njs.git Random: prioritise CCRandomGenerateBytes over getentropy on macOs. It is recommended approach by Apple itself. --- diff --git a/auto/getrandom b/auto/getrandom index d8b26245..5b5aa198 100644 --- a/auto/getrandom +++ b/auto/getrandom @@ -48,6 +48,28 @@ if [ $njs_found = no ]; then fi +if [ $njs_found = no ]; then + + # macOS 10.10. + + njs_feature="CCRandomGenerateBytes() in CommonCrypto/CommonRandom.h" + njs_feature_name=NJS_HAVE_CCRANDOMGENERATEBYTES + njs_feature_test="#include + #include + + int main(void) { + char buf[4]; + + if (CCRandomGenerateBytes(buf, 4) != kCCSuccess) { + return 1; + } + + return 0; + }" + . auto/feature +fi + + if [ $njs_found = no ]; then # OpenBSD 5.6 lacks . @@ -71,7 +93,7 @@ fi if [ $njs_found = no ]; then - # macOS 10.12. + # Solaris based systems. njs_feature="getentropy() in sys/random.h" njs_feature_name=NJS_HAVE_GETENTROPY_SYS_RANDOM diff --git a/src/njs_random.c b/src/njs_random.c index 806b4d16..1d9751f8 100644 --- a/src/njs_random.c +++ b/src/njs_random.c @@ -8,6 +8,9 @@ #include #if (NJS_HAVE_GETRANDOM) #include +#elif (NJS_HAVE_CCRANDOMGENERATEBYTES) +#include +#include #elif (NJS_HAVE_LINUX_SYS_GETRANDOM) #include #include @@ -72,6 +75,16 @@ njs_random_stir(njs_random_t *r, njs_pid_t pid) n = syscall(SYS_getrandom, &key, NJS_RANDOM_KEY_SIZE, 0); +#elif (NJS_HAVE_CCRANDOMGENERATEBYTES) + + /* Apple discourages the use of getentropy. */ + + n = 0; + + if (CCRandomGenerateBytes(&key, NJS_RANDOM_KEY_SIZE) == kCCSuccess) { + n = NJS_RANDOM_KEY_SIZE; + } + #elif (NJS_HAVE_GETENTROPY || NJS_HAVE_GETENTROPY_SYS_RANDOM) n = 0;