providers: stop probing for getentropy(3) on recent FreeBSD
FreeBSD has supported both getrandom(2) and getentropy(3) since 12.0.
The last version which did *not* have these went EoL in September 2021.
Use getrandom(2) unconditionally and fallback to sysctl kern.arandom if
we do happen to have a FreeBSD that old.
This is generally a necessary step for FreeBSD's _FORTIFY_SOURCE
implementation, which needs to do some symbol renaming tricks with the
getentropy declaration that would otherwise add some platform-specific
hacks here to accommodate. getentropy(3) uses getrandom(2) internally
on FreeBSD, so we just cut out the middleman.
While we're here, it doesn't seem to make sense to ever prefer the
sysctl on FreeBSD or NetBSD. For both platforms, it's limited to 256
bytes in a single request while getrandom(2) will generally use the same
backend but service the entire request in one shot, even for larger
amounts of entropy, modulo the EINTR possibility that presents itself
with larger requests.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24903)
projects / thirdparty / openssl.git / commit
