1 files changed, 55 insertions, 1 deletions
diff --git a/m4/check-libc.m4 b/m4/check-libc.m4
index f2eb3eb..272ebfe 100644
--- a/m4/check-libc.m4
+++ b/m4/check-libc.m4
@@ -47,7 +47,61 @@ AM_CONDITIONAL([HAVE_B64_NTOP], [test "x$ac_cv_func_b64_ntop_arg" = xyes])
 AC_DEFUN([CHECK_CRYPTO_COMPAT], [
 # Check crypto-related libc functions and syscalls
 AC_CHECK_FUNCS([arc4random arc4random_buf arc4random_uniform])
-AC_CHECK_FUNCS([explicit_bzero getauxval getentropy])
+AC_CHECK_FUNCS([explicit_bzero getauxval])
+AC_CACHE_CHECK([for getentropy], ac_cv_func_getentropy, [
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+#include <sys/types.h>
+#include <sys/random.h>
+#ifdef __APPLE__
+#  include <AvailabilityMacros.h>
+/*
+ * Before macOS 10.12 getentropy() was not available. In 10.12 however it
+ * seems to be not marked for retro-compatibility and thus we cannot cross
+ * compile targeting, e.g., 10.12 unless we disable getentropy().
+ *
+ * To test,
+ *
+ *    export CFLAGS="-mmacosx-version-min=10.11"
+ *    ./configure
+ *    # ensure that getentropy() is not found
+ *
+ * Based on: https://gitweb.torproject.org/tor.git/commit/?id=https://gitweb.torproject.org/tor.git/commit/?id=16fcbd21c963a9a65bf55024680c8323c8b7175d
+ */
+#  ifndef MAC_OS_X_VERSION_10_12
+#    define MAC_OS_X_VERSION_10_12 101200
+#  endif
+#  if defined(MAC_OS_X_VERSION_MIN_REQUIRED)
+#    if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_12
+#      error "Running on Mac OSX 10.11 or earlier"
+#    endif
+#  endif
+#endif
+/*
+ * As of iOS 10.1, getentropy() as a system call is defined but is not
+ * declared in sys/random.h and submitting an App that links to getentropy()
+ * leads to the App store rejecting the App because:
+ *
+ * > The app references non-public symbols in $appname: _getentropy
+ *
+ * Disabling the check for getentropy() and thus enabling libressl own
+ * emulation of that fixes the issue.
+ */
+#if (defined TARGET_IPHONE_OS || defined TARGET_IPHONE_SIMULATOR)
+#  error "As far as we know, getentropy() is not usable on iOS"
+#endif
+                ]], [[
+        char buffer[1024];
+        (void)getentropy(buffer, sizeof (buffer));
+]])],
+        [ ac_cv_func_getentropy="yes" ],
+        [ ac_cv_func_getentropy="no"
+        ])
+])
 AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
 AM_CONDITIONAL([HAVE_ARC4RANDOM], [test "x$ac_cv_func_arc4random" = xyes])
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])

diff --git a/m4/check-libc.m4 b/m4/check-libc.m4 index f2eb3eb..272ebfe 100644 --- a/m4/check-libc.m4 +++ b/m4/check-libc.m4
@@ -47,7 +47,61 @@ AM_CONDITIONAL([HAVE_B64_NTOP], [test "x$ac_cv_func_b64_ntop_arg" = xyes])
47	AC_DEFUN([CHECK_CRYPTO_COMPAT], [	47	AC_DEFUN([CHECK_CRYPTO_COMPAT], [
48	# Check crypto-related libc functions and syscalls	48	# Check crypto-related libc functions and syscalls
49	AC_CHECK_FUNCS([arc4random arc4random_buf arc4random_uniform])	49	AC_CHECK_FUNCS([arc4random arc4random_buf arc4random_uniform])
50	AC_CHECK_FUNCS([explicit_bzero getauxval getentropy])	50	AC_CHECK_FUNCS([explicit_bzero getauxval])
		51
		52	AC_CACHE_CHECK([for getentropy], ac_cv_func_getentropy, [
		53	AC_LINK_IFELSE([AC_LANG_PROGRAM([[
		54	#include <sys/types.h>
		55	#include <sys/random.h>
		56
		57	#ifdef __APPLE__
		58	# include <AvailabilityMacros.h>
		59
		60	/*
		61	* Before macOS 10.12 getentropy() was not available. In 10.12 however it
		62	* seems to be not marked for retro-compatibility and thus we cannot cross
		63	* compile targeting, e.g., 10.12 unless we disable getentropy().
		64	*
		65	* To test,
		66	*
		67	* export CFLAGS="-mmacosx-version-min=10.11"
		68	* ./configure
		69	* # ensure that getentropy() is not found
		70	*
		71	* Based on: https://gitweb.torproject.org/tor.git/commit/?id=https://gitweb.torproject.org/tor.git/commit/?id=16fcbd21c963a9a65bf55024680c8323c8b7175d
		72	*/
		73	# ifndef MAC_OS_X_VERSION_10_12
		74	# define MAC_OS_X_VERSION_10_12 101200
		75	# endif
		76	# if defined(MAC_OS_X_VERSION_MIN_REQUIRED)
		77	# if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_12
		78	# error "Running on Mac OSX 10.11 or earlier"
		79	# endif
		80	# endif
		81	#endif
		82
		83	/*
		84	* As of iOS 10.1, getentropy() as a system call is defined but is not
		85	* declared in sys/random.h and submitting an App that links to getentropy()
		86	* leads to the App store rejecting the App because:
		87	*
		88	* > The app references non-public symbols in $appname: _getentropy
		89	*
		90	* Disabling the check for getentropy() and thus enabling libressl own
		91	* emulation of that fixes the issue.
		92	*/
		93	#if (defined TARGET_IPHONE_OS \|\| defined TARGET_IPHONE_SIMULATOR)
		94	# error "As far as we know, getentropy() is not usable on iOS"
		95	#endif
		96	]], [[
		97	char buffer[1024];
		98	(void)getentropy(buffer, sizeof (buffer));
		99	]])],
		100	[ ac_cv_func_getentropy="yes" ],
		101	[ ac_cv_func_getentropy="no"
		102	])
		103	])
		104
51	AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])	105	AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
52	AM_CONDITIONAL([HAVE_ARC4RANDOM], [test "x$ac_cv_func_arc4random" = xyes])	106	AM_CONDITIONAL([HAVE_ARC4RANDOM], [test "x$ac_cv_func_arc4random" = xyes])
53	AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])	107	AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])