From 4ea96f1d4f8a50c204c4367c994cdbf12cd97b64 Mon Sep 17 00:00:00 2001 From: Nobuyoshi Nakada Date: Fri, 19 Mar 2021 15:23:03 +0900 Subject: [PATCH] Use CommonRandom if available --- configure.ac | 3 ++- random.c | 21 ++++++++++++++++++--- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 0110896e4a..83eee92e94 100644 --- a/configure.ac +++ b/configure.ac @@ -3634,7 +3634,8 @@ AS_CASE(["$target_os"], RUBY_APPEND_OPTION(CFLAGS, -pipe) AC_COMPILE_IFELSE([ AC_LANG_BOOL_COMPILE_TRY([@%:@include ], - [MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7])], + [MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7 && + MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_10])], [dnl RUBY_APPEND_OPTION(XLDFLAGS, [-framework Security]) RUBY_APPEND_OPTION(LIBRUBYARG_STATIC, [-framework Security]) diff --git a/random.c b/random.c index d68eade0c4..0fc8789d15 100644 --- a/random.c +++ b/random.c @@ -495,20 +495,35 @@ fill_random_bytes_urandom(void *seed, size_t size) #if 0 #elif defined MAC_OS_X_VERSION_10_7 && MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7 -#include + +# if defined MAC_OS_X_VERSION_10_10 && MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_10 +# include +# define USE_COMMON_RANDOM 1 +# else +# include +# define USE_COMMON_RANDOM 0 +# endif static int fill_random_bytes_syscall(void *seed, size_t size, int unused) { - int status = SecRandomCopyBytes(kSecRandomDefault, size, seed); +#if USE_COMMON_RANDOM + int failed = CCRandomGenerateBytes(seed, size) != kCCSuccess; +#else + int failed = SecRandomCopyBytes(kSecRandomDefault, size, seed) != errSecSuccess; +#endif - if (status != errSecSuccess) { + if (failed) { # if 0 +# if USE_COMMON_RANDOM + /* How to get the error message? */ +# else CFStringRef s = SecCopyErrorMessageString(status, NULL); const char *m = s ? CFStringGetCStringPtr(s, kCFStringEncodingUTF8) : NULL; fprintf(stderr, "SecRandomCopyBytes failed: %d: %s\n", status, m ? m : "unknown"); if (s) CFRelease(s); +# endif # endif return -1; }