Fix entropy source selection for Apple cross-compilation targets#3113
Merged
Fix entropy source selection for Apple cross-compilation targets#3113
Conversation
Contributor
Author
|
Problem reproduced by CI here: https://github.com/aws/aws-lc/actions/runs/23351546455/job/67931308787?pr=3113#step:7:660 |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3113 +/- ##
==========================================
- Coverage 78.22% 78.20% -0.03%
==========================================
Files 689 689
Lines 122073 122073
Branches 17030 17029 -1
==========================================
- Hits 95491 95465 -26
- Misses 25677 25702 +25
- Partials 905 906 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
torben-hansen
approved these changes
Mar 23, 2026
geedo0
approved these changes
Mar 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issues:
Related: aws/aws-lc-rs#1068
Related: #3111
Context:
When cross-compiling for iOS on certain toolchains,
TARGET_OS_IPHONEfromTargetConditionals.hcan evaluate to 0 (e.g., due to compiler/SDK version mismatches). This causesOPENSSL_IOSto not be defined, and the entropy source selection incrypto/rand_extra/internal.hfalls through toOPENSSL_RAND_URANDOM, which is inherently Linux-specific. The build then fails inurandom.cdue to its use ofioctl()andRNDGETENTCNT.Description of changes:
The fix widens the
CCRandomGenerateBytesbranch fromOPENSSL_IOStoOPENSSL_APPLE.OPENSSL_APPLEis derived from__APPLE__(a compiler intrinsic) so it has no dependency onTargetConditionals.h.CCRandomGenerateBytesis available on all Apple platforms, so this is safe regardless of the specific Apple target.Call-outs:
We considered instead redefining
OPENSSL_IOSusing aTargetConditionals.h-independent condition (e.g.,OPENSSL_APPLE && !OPENSSL_MACOS), butOPENSSL_MACOSdepends on the sameTargetConditionals.hmechanism and fails in the same way. It would also incorrectly label non-iOS Apple platforms (tvOS, watchOS, etc.) as iOS.Testing:
Added an iOS aarch64 cross-compilation job to the
aws-lc-rs.ymlworkflow.This job installs Homebrew LLVM (which reproduces the
TargetConditionals.hdetection failure) and builds aws-lc-rs for
aarch64-apple-ios.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.