macOS use SecRandomCopyBytes instead of getentropy (nim-lang#20466)

* On macOS use SecRandomCopyBytes instead of getentropy (which is only available on macOS 10.12+) * Change passL to passl
capocasa · Mar 31, 2023 · 9dcb910 · 9dcb910
1 parent ddd21ad
commit 9dcb910
Showing 1 changed file with 4 additions and 17 deletions.
diff --git a/lib/std/sysrand.nim b/lib/std/sysrand.nim
@@ -20,7 +20,7 @@
 ## | :---                 | ----:                 |
 ## | Windows              | `BCryptGenRandom`_    |
 ## | Linux                | `getrandom`_          |
-## | MacOSX               | `getentropy`_         |
+## | MacOSX               | `SecRandomCopyBytes`_ |
 ## | iOS                  | `SecRandomCopyBytes`_ |
 ## | OpenBSD              | `getentropy openbsd`_ |
 ## | FreeBSD              | `getrandom freebsd`_  |
@@ -66,7 +66,7 @@ when defined(nimPreviewSlimSystem):
   import std/assertions
 
 const
-  batchImplOS = defined(freebsd) or defined(openbsd) or defined(zephyr) or (defined(macosx) and not defined(ios))
+  batchImplOS = defined(freebsd) or defined(openbsd) or defined(zephyr)
   batchSize {.used.} = 256
 
 when batchImplOS:
@@ -231,8 +231,8 @@ elif defined(freebsd):
   proc getRandomImpl(p: pointer, size: int): int {.inline.} =
     result = getrandom(p, csize_t(size), 0)
 
-elif defined(ios):
-  {.passL: "-framework Security".}
+elif defined(ios) or defined(macosx):
+  {.passl: "-framework Security".}
 
   const errSecSuccess = 0 ## No error.
 
@@ -254,19 +254,6 @@ elif defined(ios):
 
     result = secRandomCopyBytes(nil, csize_t(size), addr dest[0])
 
-elif defined(macosx):
-  const sysrandomHeader = """#include <Availability.h>
-#include <sys/random.h>
-"""
-
-  proc getentropy(p: pointer, size: csize_t): cint {.importc: "getentropy", header: sysrandomHeader.}
-    # getentropy() fills a buffer with random data, which can be used as input
-    # for process-context pseudorandom generators like arc4random(3).
-    # The maximum buffer size permitted is 256 bytes.
-
-  proc getRandomImpl(p: pointer, size: int): int {.inline.} =
-    result = getentropy(p, csize_t(size)).int
-
 else:
   template urandomImpl(result: var int, dest: var openArray[byte]) =
     let size = dest.len