Project

General

Profile

Actions
Copy link

Bug #3140

closed

lighttpd build failure on macOS 10.13 and earlier

Added by ryandesign almost 3 years ago. Updated almost 3 years ago.

Status:
Fixed
Priority:
Normal
Category:
core
Target version:
1.4.65
ASK QUESTIONS IN Forums:
No

Description

Hello, lighttpd 1.4.64 is failing to build on macOS versions prior to 10.14. Errors are:

In file included from rand.c:88:
/usr/include/CommonCrypto/CommonRandom.h:35:9: error: unknown type name 'CCCryptorStatus'
typedef CCCryptorStatus CCRNGStatus;
        ^
/usr/bin/clang -DHAVE_CONFIG_H -DHAVE_VERSIONSTAMP_H -DLIBRARY_DIR="\"/opt/local/lib\"" -DSBIN_DIR="\"/opt/local/sbin\"" -I. -I..   -I/opt/local/include -D_REENTRANT  -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGE_FILES    -pipe -Os -arch x86_64 -pipe -Wall -W -Wshadow -pedantic -MT t_test_mod-sock_addr.o -MD -MP -MF .deps/t_test_mod-sock_addr.Tpo -c -o t_test_mod-sock_addr.o `test -f 'sock_addr.c' || echo './'`sock_addr.c
/usr/bin/clang -DHAVE_CONFIG_H -DHAVE_VERSIONSTAMP_H -DLIBRARY_DIR="\"/opt/local/lib\"" -DSBIN_DIR="\"/opt/local/sbin\"" -I. -I..   -I/opt/local/include -D_REENTRANT  -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGE_FILES    -pipe -Os -arch x86_64 -pipe -Wall -W -Wshadow -pedantic -MT t_test_mod-fdlog_maint.o -MD -MP -MF .deps/t_test_mod-fdlog_maint.Tpo -c -o t_test_mod-fdlog_maint.o `test -f 'fdlog_maint.c' || echo './'`fdlog_maint.c
rand.c:250:61: error: use of undeclared identifier 'kCCSuccess'
    else if (CCRandomGenerateBytes(xsubi, sizeof(xsubi)) == kCCSuccess
                                                            ^
rand.c:251:57: error: use of undeclared identifier 'kCCSuccess'
             && CCRandomGenerateBytes(&u, sizeof(u)) == kCCSuccess) {
                                                        ^
rand.c:390:49: error: use of undeclared identifier 'kCCSuccess'
    if (CCRandomGenerateBytes(&i, sizeof(i)) == kCCSuccess)
                                                ^
4 errors generated.

Full build log: https://build.macports.org/builders/ports-10.13_x86_64-builder/builds/139700/steps/install-port/logs/stdio

Related issues 1 (0 open1 closed)

Related to Feature #3129: rand macOs case handling updateFixedActions
Actions
Copy link
 #1

Updated by gstrauss almost 3 years ago

  • Category set to core
  • Status changed from New to Patch Pending
  • Target version changed from 1.4.xx to 1.4.65

Apparently the following in rand.c needs to be modified for 10.14+

#if defined(__APPLE__) && defined(__MACH__)
#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 101000 /* OS X 10.10+ */
#undef HAVE_ARC4RANDOM_BUF
#define HAVE_CCRANDOMGENERATEBYTES
#include <CommonCrypto/CommonRandom.h>
#endif
#endif

Does this work? It will need to be a patch in macports until the next lighttpd release.

--- a/src/rand.c
+++ b/src/rand.c
@@ -82,7 +82,7 @@
 #include <sys/ioctl.h>
 #endif
 #if defined(__APPLE__) && defined(__MACH__)
-#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 101000 /* OS X 10.10+ */
+#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 101400 /* OS X 10.14+ */
 #undef HAVE_ARC4RANDOM_BUF
 #define HAVE_CCRANDOMGENERATEBYTES
 #include <CommonCrypto/CommonRandom.h>

Actions
Copy link
 #2

Updated by gstrauss almost 3 years ago

  • Related to Feature #3129: rand macOs case handling update added
Actions
Copy link
 #3

Updated by ryandesign almost 3 years ago

I think it should be possible to use CommonCrypto from 10.10 onwards but according to https://github.com/openssl/openssl/pull/16409/files you might just need to #include <CommonCrypto/CommonCryptoError.h>. Let me test that on 10.13 and get back to you.

Actions
Copy link
 #4

Updated by devnexen almost 3 years ago

that is the right thing to do indeed sorry for the trouble.

Actions
Copy link
 #5

Updated by ryandesign almost 3 years ago

It does compile on 10.13 when adding the CommonCryptoError.h include above the CommonRandom.h include.

But now I see https://github.com/openssl/openssl/commit/2f3b120401533db82e99ed28de5fc8aab1b76b33 in which openssl disabled the use of CommonCrypto for < 10.12 because "MacOS prior to 10.12 does not support random API correctly". Their test suite was apparently failing before this. I don't know if this was specific to openssl or if the problem would affect lighttpd too.

I tried running the test suite on 10.13 and 1 of 3 tests failed. Should I report that separately? I can try on < 10.12 and see if the result is different.

Actions
Copy link
 #6

Updated by gstrauss almost 3 years ago

I consider use of CCRandomGenerateBytes to be an enhancement, but not required, so if not supported (or not supported well) on older versions of MacOS, it can be disabled IMO.

Please advise if you would like CCRandomGenerateBytes used only with 10.14+, or 10.12+ with #include <CommonCrypto/CommonCryptoError.h>, or 10.10+ with #include <CommonCrypto/CommonCryptoError.h>, and if you want #include <CommonCrypto/CommonCryptoError.h> limited to < 10.14.

This is my current patch

--- a/src/rand.c
+++ b/src/rand.c
@@ -82,9 +82,10 @@
 #include <sys/ioctl.h>
 #endif
 #if defined(__APPLE__) && defined(__MACH__)
-#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 101000 /* OS X 10.10+ */
+#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ >= 101200 /* OS X 10.12+ */
 #undef HAVE_ARC4RANDOM_BUF
 #define HAVE_CCRANDOMGENERATEBYTES
+#include <CommonCrypto/CommonCryptoError.h>
 #include <CommonCrypto/CommonRandom.h>
 #endif
 #endif

Actions
Copy link
 #7

Updated by gstrauss almost 3 years ago

  • Status changed from Patch Pending to Fixed
Actions
Copy link

Also available in: Atom