- Prevent CMake from auto-detecting /dev/urandom when cross-building.
Before this patch, it would detect it in a cross-build scenario on *nix
hosts with this device present. This was a problem for example with
Windows builds, but it could affect any target system with this device
missing. This also syncs detection behaviour with autotools, which also
skips it for cross-builds.
- Also, make sure to never use the file RANDOM_FILE as entropy for libcurl's
fallback random number generator on Windows. Windows does not have the
concept of reading a random stream from a filename, nor any guaranteed
non-world-writable path on disk. With this, a manual misconfiguration or
an overeager auto-detection can no longer result in a user-controllable
seed source.
Reviewed-by: Daniel Stenberg
Closes #9038
set(HAVE_LL 1)
endif()
-find_file(RANDOM_FILE urandom /dev)
-mark_as_advanced(RANDOM_FILE)
+if(NOT CMAKE_CROSSCOMPILING)
+ find_file(RANDOM_FILE urandom /dev)
+ mark_as_advanced(RANDOM_FILE)
+endif()
# Check for some functions that are used
if(HAVE_LIBWS2_32)
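Review bot: the `if(NOT CMAKE_CROSSCOMPILING)` guard only skips the `find_file()` probe, so a RANDOM_FILE passed on the command line, or one left in the CMake cache by an earlier native configure of the same build directory, is still used in a cross-build. That is reasonable for targets that do have the device, but a comment above the guard should say that cross-builds must set RANDOM_FILE explicitly and that the host's /dev says nothing about the target. For non-Windows targets without the device, nothing in this hunk rejects a stale or hand-set value.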
/* ---- non-cryptographic version following ---- */
-#ifdef RANDOM_FILE
+#if defined(RANDOM_FILE) && !defined(WIN32)
if(!seeded) {
/* if there's a random file to read a seed from, use it */
int fd = open(RANDOM_FILE, O_RDONLY);
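Review bot: on the `#if defined(RANDOM_FILE) && !defined(WIN32)` line, a RANDOM_FILE defined for a Windows build is now dropped silently, so the manual misconfiguration the commit message mentions stays invisible to whoever made it. Consider a short comment at this guard recording why Windows is excluded (no guaranteed non-world-writable path, per the commit message), and a configure-time warning when RANDOM_FILE is set for a Windows target, so the rationale does not live only in the commit log.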
* 'rndptr' points to.
*
* If libcurl is built without TLS support or with a TLS backend that lacks a
- * proper random API (Gskit or mbedTLS), this function will use "weak" random.
+ * proper random API (rustls, Gskit or mbedTLS), this function will use "weak"
+ * random.
*
* When built *with* TLS support and a backend that offers strong random, it
* will return error if it cannot provide strong random values.
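Review bot: the backend list in this comment, now `(rustls, Gskit or mbedTLS)`, needed a manual correction in this change, which suggests it will go stale again whenever a backend gains or loses a random API. Consider wording it by capability (a TLS backend that does not provide a random function) with the names given only as examples, or pointing to where that capability is decided. Since this comment is what tells callers when they get "weak" random, it would also help to state here what seeds the weak generator.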