diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2022-01-03 00:04:12 -0500 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2022-01-03 02:23:07 -0500 |
commit | 1334dd4ad52f8685948066af4798446af6b3e2da (patch) | |
tree | b9cf436dbdd80dc1f61847ef46756d7a079dfd03 | |
parent | c5d55a997033e412272695f6abf26554cda17fa7 (diff) | |
download | lighttpd-git-1334dd4ad52f8685948066af4798446af6b3e2da.tar.gz |
[core] CCRandomGenerateBytes() for rand on macOS (fixes #3129)
(thx devnexen)
x-ref:
"rand macOs case handling update"
https://redmine.lighttpd.net/issues/3129
-rw-r--r-- | src/rand.c | 17 |
1 files changed, 17 insertions, 0 deletions
@@ -81,6 +81,13 @@ #ifdef RNDGETENTCNT #include <sys/ioctl.h> #endif +#if defined(__APPLE__) && defined(__MACH__) +#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 101000 /* OS X 10.10+ */ +#undef HAVE_ARC4RANDOM_BUF +#define HAVE_CCRANDOMGENERATEBYTES +#include <CommonCrypto/CommonRandom.h> +#endif +#endif /* Take some reasonable steps to attempt to *seed* random number generators with * cryptographically random data. Some of these initialization routines may @@ -239,6 +246,11 @@ static void li_rand_init (void) if (1 == li_rand_device_bytes((unsigned char *)xsubi, (int)sizeof(xsubi))) { u = ((unsigned int)xsubi[0] << 16) | xsubi[1]; } + #ifdef HAVE_CCRANDOMGENERATEBYTES + else if (CCRandomGenerateBytes(xsubi, sizeof(xsubi)) == kCCSuccess + && CCRandomGenerateBytes(&u, sizeof(u)) == kCCSuccess) { + } + #endif else { #ifdef HAVE_ARC4RANDOM_BUF u = arc4random(); @@ -373,6 +385,11 @@ int li_rand_pseudo (void) if (SECSuccess == PK11_GenerateRandom((unsigned char *)&i, sizeof(i))) return i; #endif + #ifdef HAVE_CCRANDOMGENERATEBYTES + int i; + if (CCRandomGenerateBytes(&i, sizeof(i)) == kCCSuccess) + return i; + #endif #ifdef HAVE_ARC4RANDOM_BUF return (int)arc4random(); #elif defined(__COVERITY__) |