20865: Don't use getentropy() on OSX Sierra.

Tor 0.2.9 has a broader range of fixes and workarounds here, but for 0.2.8, we're just going to maintain the existing behavior. (The alternative would be to backport both 1eba088054eca1555b455ee4a2adfafecb888af9 and 16fcbd21c963a9a65bf55024680c8323c8b7175d , but the latter is kind of a subtle kludge in the configure.ac script, and I'm not a fan of backporting that kind of thing.)
author: Nick Mathewson <nickm@torproject.org> 2016-12-05 09:37:03 -0500
committer: Nick Mathewson <nickm@torproject.org> 2016-12-05 10:02:33 -0500
commit: 714aeedc5278fe50fb2b9ccafeefa4270eaf3391 (patch)
tree: dbaa547c3e744e95777baad9857057dbf528b95c /src
parent: 1122137fa013c414d480048c266259bd72f48452 (diff)
download: tor-714aeedc5278fe50fb2b9ccafeefa4270eaf3391.tar.gz
tor-714aeedc5278fe50fb2b9ccafeefa4270eaf3391.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index c5d07dfb61..f7bb8ff1f9 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -88,6 +88,15 @@
 
 #include "keccak-tiny/keccak-tiny.h"
 
+#ifdef __APPLE__
+/* Apple messed up their getentropy definitions in Sierra.  It's not insecure
+ * or anything (as far as I know) but it makes compatible builds hard.  0.2.9
+ * contains the necessary tricks to do it right: in 0.2.8, we're just using
+ * this blunt instrument.
+ */
+#undef HAVE_GETENTROPY
+#endif
+
 #ifdef ANDROID
 /* Android's OpenSSL seems to have removed all of its Engine support. */
 #define DISABLE_ENGINES
author	Nick Mathewson <nickm@torproject.org>	2016-12-05 09:37:03 -0500
committer	Nick Mathewson <nickm@torproject.org>	2016-12-05 10:02:33 -0500
commit	714aeedc5278fe50fb2b9ccafeefa4270eaf3391 (patch)
tree	dbaa547c3e744e95777baad9857057dbf528b95c /src
parent	1122137fa013c414d480048c266259bd72f48452 (diff)
download	tor-714aeedc5278fe50fb2b9ccafeefa4270eaf3391.tar.gz tor-714aeedc5278fe50fb2b9ccafeefa4270eaf3391.zip