From 061fdbe3b113340fe2f28e59167d79968988c7e7 Mon Sep 17 00:00:00 2001 From: Luke Mann Date: Thu, 19 Mar 2026 17:16:09 -0700 Subject: [PATCH] =?UTF-8?q?fix:=20iOS=20cross-compilation=20=E2=80=94=20in?= =?UTF-8?q?clude=20TargetConditionals.h=20and=20guard=20RNDGETENTCNT?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Two fixes for urandom.c failing to compile on aarch64-apple-ios with Xcode 16.2 / iPhoneOS 18.2 SDK: 1. target.h: include so OPENSSL_IOS is defined (guarded by !__ASSEMBLER__ for .S file compatibility) 2. urandom.c: guard RNDGETENTCNT/ioctl usage behind OPENSSL_LINUX, matching the guards already on the #include directives for and Made-with: Cursor --- crypto/rand_extra/urandom.c | 7 +++++-- include/openssl/target.h | 8 ++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/crypto/rand_extra/urandom.c b/crypto/rand_extra/urandom.c index f9e8069374b..49be2df45d9 100644 --- a/crypto/rand_extra/urandom.c +++ b/crypto/rand_extra/urandom.c @@ -352,8 +352,10 @@ static void ensure_getrandom_is_initialized(void) { static void ensure_dev_urandom_is_initialized(void) { - // On platforms where urandom doesn't block at startup, we ensure that the - // kernel has sufficient entropy before continuing. +#if defined(OPENSSL_LINUX) + // On Linux, where urandom doesn't block at startup, we ensure that the + // kernel has sufficient entropy before continuing. RNDGETENTCNT and ioctl + // are Linux-specific (from and ). for (;;) { int entropy_bits = 0; if (ioctl(urandom_fd, RNDGETENTCNT, &entropy_bits)) { @@ -377,6 +379,7 @@ static void ensure_dev_urandom_is_initialized(void) { nanosleep(&sleep_time, &sleep_time); } +#endif // OPENSSL_LINUX random_flavor_state = STATE_READY; } diff --git a/include/openssl/target.h b/include/openssl/target.h index d06f0fa9fc6..1da62e3fdf9 100644 --- a/include/openssl/target.h +++ b/include/openssl/target.h @@ -87,6 +87,14 @@ #endif #if defined(__APPLE__) +// TargetConditionals.h defines TARGET_OS_OSX, TARGET_OS_IPHONE, etc. +// base.h includes it for C/C++, but target.h must be self-contained +// because it can be included before base.h. In assembly contexts the +// header is unavailable, but the TARGET_OS_* checks below will simply +// evaluate to false, which is fine -- assembly never inspects them. +#if !defined(__ASSEMBLER__) +#include +#endif #define OPENSSL_APPLE // Note |TARGET_OS_MAC| is set for all Apple OS variants. |TARGET_OS_OSX| // targets macOS specifically.