diff options
| author | Brent Cook <bcook@openbsd.org> | 2014-10-27 20:01:21 -0500 |
|---|---|---|
| committer | Brent Cook <bcook@openbsd.org> | 2014-11-03 01:19:36 -0600 |
| commit | 8abf8e1e1577f51deb5c3bc01f076205f1bfb268 (patch) | |
| tree | f16af76a9f00b7d3f70eba0986e1f7d924097ea7 | |
| parent | e864776f0bb71366812088102e8f4d8f71408263 (diff) | |
| download | portable-8abf8e1e1577f51deb5c3bc01f076205f1bfb268.tar.gz portable-8abf8e1e1577f51deb5c3bc01f076205f1bfb268.tar.bz2 portable-8abf8e1e1577f51deb5c3bc01f076205f1bfb268.zip | |
override native arc4random_buf on OS X
While the native OS X implementation is fork-safe, it does not seed
safely, as of the latest released OS X libc sources, version 997.90.3.
It only uses weak sources of entropy if accessing /dev/urandom fails.
ok beck@ deraadt@
| -rw-r--r-- | configure.ac | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 6ae06a1..0f75e81 100644 --- a/configure.ac +++ b/configure.ac | |||
| @@ -79,6 +79,10 @@ AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes]) | |||
| 79 | AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes]) | 79 | AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes]) |
| 80 | AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes]) | 80 | AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes]) |
| 81 | 81 | ||
| 82 | # overrides for arc4random_buf implementations with known issues | ||
| 83 | AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], | ||
| 84 | [test "x$HOST_OS" != xdarwin -a "x$NO_ARC4RANDOM_BUF" = xtrue]) | ||
| 85 | |||
| 82 | AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ | 86 | AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ |
| 83 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ | 87 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ |
| 84 | #include <stdarg.h> | 88 | #include <stdarg.h> |