20865: Don't use getentropy() on OSX Sierra.

Tor 0.2.9 has a broader range of fixes and workarounds here, but for
0.2.8, we're just going to maintain the existing behavior.

(The alternative would be to backport both
1eba088054eca1555b455ee4a2adfafecb888af9 and
16fcbd21c963a9a65bf55024680c8323c8b7175d , but the latter is kind of
a subtle kludge in the configure.ac script, and I'm not a fan of
backporting that kind of thing.)

diff --git a/changes/bug20865 b/changes/bug20865
new file mode 100644 (file)
index 0000000..575d886
--- /dev/null
+++ b/changes/bug20865
@@ -0,0 +1,7 @@
+  o Minor bugfixes (portability):
+    - Avoid compilation errors when building on OSX Sierra. Sierra began
+      to support the getentropy() API, but created a few problems in
+      doing so. Tor 0.2.9 has a more thorough set of workarounds; in
+      0.2.8, we are just using the /dev/urandom interface. Fixes
+      bug 20865. Bugfix on 0.2.8.1-alpha.
+

diff --git a/src/common/crypto.c b/src/common/crypto.c
index c5d07dfb61b92e95ff81b2495c037db5a396f9d0..f7bb8ff1f91fcbef502f9b1c1e51174ff7f2086f 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -88,6 +88,15 @@
 
 #include "keccak-tiny/keccak-tiny.h"
 
+#ifdef __APPLE__
+/* Apple messed up their getentropy definitions in Sierra.  It's not insecure
+ * or anything (as far as I know) but it makes compatible builds hard.  0.2.9
+ * contains the necessary tricks to do it right: in 0.2.8, we're just using
+ * this blunt instrument.
+ */
+#undef HAVE_GETENTROPY
+#endif
+
 #ifdef ANDROID
 /* Android's OpenSSL seems to have removed all of its Engine support. */
 #define DISABLE_ENGINES