whitelist NetBSD 7.0 native arc4random(3) implementation.

NetBSD 7 improves arc4random(3) over earlier versions by adding fork detection, stronger assertions on seed failure.
2016-01-03 20:47:20 -06:00 · 2016-01-03 20:47:20 -06:00 · 35e669fd1a
commit 35e669fd1a
parent d0009039de
2 changed files with 17 additions and 3 deletions
--- a/m4/check-libc.m4
+++ b/m4/check-libc.m4
@ -56,9 +56,7 @@ AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp"

 # Override arc4random_buf implementations with known issues
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
-	[test "x$HOST_OS" != xdarwin \
-	   -a "x$HOST_OS" != xfreebsd \
-	   -a "x$HOST_OS" != xnetbsd \
+	[test "x$USE_BUILTIN_ARC4RANDOM" != yes \
 	   -a "x$ac_cv_func_arc4random_buf" = xyes])

 # Check for getentropy fallback dependencies
--- a/m4/check-os-options.m4
+++ b/m4/check-os-options.m4
@ -17,11 +17,17 @@ case $host_os in
 		;;
 	*darwin*)
 		BUILD_NC=yes
+                # weak seed on failure to open /dev/random, based on latest public source
+                # http://www.opensource.apple.com/source/Libc/Libc-997.90.3/gen/FreeBSD/arc4random.c
+                USE_BUILTIN_ARC4RANDOM=yes
 		HOST_OS=darwin
 		HOST_ABI=macosx
 		;;
 	*freebsd*)
 		BUILD_NC=yes
+                # fork detection missing, weak seed on failure
+                # https://svnweb.freebsd.org/base/head/lib/libc/gen/arc4random.c?revision=268642&view=markup
+                USE_BUILTIN_ARC4RANDOM=yes
 		HOST_OS=freebsd
 		HOST_ABI=elf
 		AC_SUBST([PROG_LDADD], ['-lthr'])
@ -44,6 +50,16 @@ case $host_os in
 		;;
 	*netbsd*)
 		BUILD_NC=yes
+               AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#include <sys/param.h>
+#if __NetBSD_Version__ < 700000001
+        undefined
+#endif
+                       ]], [[]])],
+                       [ USE_BUILTIN_ARC4RANDOM=no ],
+                       [ USE_BUILTIN_ARC4RANDOM=yes ]
+               )
+
 		HOST_OS=netbsd
 		CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
 		;;