- according to man.openbsd.org getentropy() is in unistd.h
- according to macOS sierra's man it's in sys/random.h
- since sys/random.h is does not exist for iOS and for linux, do
not attempt to include it, rather redeclare the prototype
- make sure that `./configure`:
- uses getentropy() on macOS sierra
- does not use getentropy() if compiling for 10.11
- does not use getentropy() if compiling for ios armv7
This diff changes the logic by which configure detects getentropy() to
ensure that we don't use the system wide getentropy
- with macOS sierra if the deployment target is lower than sierra as
found by tor developers here
https://gitweb.torproject.org/tor.git/commit/?id=https://gitweb.torproject.org/tor.git/commit/?id=16fcbd21c963a9a65bf55024680c8323c8b7175d
- with iOS unconditionally because an app linking libressl compiled with
system wide getentropy has been rejected by the App store as I have
documented here
https://github.com/measurement-kit/measurement-kit/pull/994
I think something similar could also affect clock_gettime judging from
tor's patch, but this diff for now doesn't address that.
I do not have macOS < sierra, so I could only verify that configure was
not picking up system wide getentropy by compiling libressl using
export CFLAGS="-mmacosx-version-min=10.11"
As regards iOS, removing the check for getentropy and recompiling (thus
using libressl builtin getentropy()) was enough to have another iteration
of the app accepted. Otherwise testing should be possible with:
export LDFLAGS=-arch armv7 -miphoneos-version-min=7.1 -isysroot `xcrun --show-sdk-path --sdk iphoneos`
export CPPFLAGS=-arch armv7 -isysroot `xcrun --show-sdk-path --sdk iphoneos`
export CFLAGS=-arch armv7 -miphoneos-version-min=7.1 -isysroot `xcrun --show-sdk-path --sdk iphoneos`
Related ticket: https://github.com/libressl-portable/portable/issues/230
Solaris 11 recently introduced a builtin arc4random in libc which fails the tests in "make check". Found USE_BUILTIN_ARC4RANDOM, but could not get it to work. Apparently, there is a typo in the configure logic rendering USE_BUILTIN_ARC4RANDOM ineffective.
- add Solaris specific compiler flags and library
- merge message when SMALL_TIME_T is true
- confirmed on SunOS Release 5.11 Version 11.3 64-bit Solaris i386
- add cmake build options as configure provides
* -DENABLE_ASM (default ON)
* -DENABLE_EXTRATESTS (default OFF)
* -DENABLE_NC (default OFF)
* -DOPENSSLDIR (default ${CMAKE_INSTALL_PREFIX}/etc/ssl)
- add biotest and pidwraptest if ENABLE_EXTRATESTS is ON
- add compiler flag `-fno-common` if CMAKE_SYSTEM_NAME is Darwin
to prevent link error Undefined symbols "_OPENSSL_ia32cap_P"
- modify structure of CMakeLists.txt under apps/
* move apps/CMakeLists.txt to apps/openssl/ since this is for openssl build
* create new apps/nc/CMakeLists.txt for nc build
* modify apps/CMakeLists.txt just add_subdirectory()
- add checking and compile of arc4random_uniform()
- add installing man files, openssl.1 and nc.1
