remove per-OS arc4random_buf overrides
If an OS provides an arc4random_buf implementation in its C library, prefer it over an in-library version. This allows OS-specific implementations to become more robust over time. It also prevents possible link-time confusion as to which arc4random_buf implementation is in use by an application when linked with LibreSSL. The built-in unit tests will identify some common issues, such as fork safety and PID wrap handling. Other elements, such as seeding mechanisms, should be audited by the vendor or user for correctness. ok deraadt@ beck@
This commit is contained in:
Brent Cook
parent
55d07e70dc
commit
a5c82283e0
@ -84,12 +84,6 @@ AC_CHECK_FUNC(arc4random_buf,[AC_SEARCH_LIBS(write,, [NO_ARC4RANDOM_BUF=],
|
||||
AC_SUBST(NO_ARC4RANDOM_BUF)
|
||||
AM_CONDITIONAL(NO_ARC4RANDOM_BUF, test "x$NO_ARC4RANDOM_BUF" = "xyes")
|
||||
|
||||
# overrides for arc4random_buf implementations with known issues
|
||||
AM_CONDITIONAL(NO_ARC4RANDOM_BUF,
|
||||
test x$HOST_OS = xdarwin \
|
||||
-o x$HOST_OS = xsolaris \
|
||||
-o x$NO_ARC4RANDOM_BUF = xyes)
|
||||
|
||||
AC_CHECK_FUNC(getentropy,[AC_SEARCH_LIBS(write,, [NO_GETENTROPY=],
|
||||
[NO_GETENTROPY=yes])], [NO_GETENTROPY=yes])
|
||||
AC_SUBST(NO_GETENTROPY)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user