From cf0891b8f1e85d130084c90661b7e05f4e90ec78 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 2 Jun 2018 17:50:16 +0200 Subject: [PATCH] Look up availability of getentropy() at runtime. This will actually support most OSs, and at least adds support for Solaris and OSX Fixes: #6403 Reviewed-by: Andy Polyakov GH: #6405 --- crypto/rand/rand_unix.c | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index bde4ac16cb..0c8e0dc488 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -15,6 +15,7 @@ #include "rand_lcl.h" #include "internal/rand_int.h" #include +#include "internal/dso.h" #if defined(__linux) # include #endif @@ -242,10 +243,33 @@ static size_t sysctl_random(char *buf, size_t buflen) */ int syscall_random(void *buf, size_t buflen) { + union { + void *p; + int (*f)(void *buffer, size_t length); + } p_getentropy; + + /* + * Do runtime detection to find getentropy(). + * + * We could cache the result of the lookup, but we normally don't + * call this function often. + * + * Known OSs that should support this: + * - Darwin since 16 (OSX 10.12, IOS 10.0). + * - Solaris since 11.3 + * - OpenBSD since 5.6 + * - Linux since 3.17 with glibc 2.25 + * - FreeBSD since 12.0 (1200061) + */ + p_getentropy.p = DSO_global_lookup("getentropy"); + if (p_getentropy.p != NULL) + return p_getentropy.f(buf, buflen); + # if defined(OPENSSL_HAVE_GETRANDOM) return (int)getrandom(buf, buflen, 0); # endif + /* Linux supports this since version 3.17 */ # if defined(__linux) && defined(SYS_getrandom) return (int)syscall(SYS_getrandom, buf, buflen, 0); # endif @@ -254,11 +278,6 @@ int syscall_random(void *buf, size_t buflen) return (int)sysctl_random(buf, buflen); # endif - /* Supported since OpenBSD 5.6 */ -# if defined(__OpenBSD__) && OpenBSD >= 201411 - return getentropy(buf, buflen); -# endif - return -1; } -- 2.34.1