Let's not make `bcrypt.dl` a link-time bound library. Instead, load the
`BCryptGenRandom()` function dynamically. When needed. If needed.
This helps reduce the start-up cost of any mimalloc user because the
time spent on loading dynamic libraries is non-negligible.
Note: In contrast to how `os.c` loads libraries and obtains function
addresses, we cannot call `FreeLibrary(hDll)` here because that would
unload the `bcrypt` library before we want to use it.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
The ``_os_random_weak`` function is the only non-static function
besides ``_ZSt15get_new_handlerv`` that is not prefixed with ``mi`` or
``_mi``.
The discrepancy was discovered by CPython's smelly script. The checker
looks for exported symbols that don't have well-defined prefixes.
Signed-off-by: Christian Heimes <christian@python.org>
Define ``_DEFAULT_SOURCE`` in ``random.c`` and ``alloc.c``. The macro
is required for ``syscall()`` and ``realpath()``. Other files like
``os.c`` already define the macro.
Signed-off-by: Christian Heimes <christian@python.org>
The implementation of arc4random_buf differs from its documentation. It
is documented as "always successful, and no return value is reserved to
indicate an error" for the sake of FreeBSD compatibility [1]. However,
the actual implementation on macOS invokes function "ccrng_generate" [2]
without validating the error cases. It might fail silently[3], which leads
to unexpected source of entropy.
The original arc4random used the RC4 a.k.a. ARC4 algorithm, and ChaCha20
based implementation was introduced in FreeBSD 12.0. Since macOS 10.12,
it was replaced with the NIST-approved AES cipher, and it may be replaced
again in the future as cryptographic techniques advance. Therefore, we
should not assume that arc4random never fails.
On the contrary, CCRandomGenerateBytes(), part of Cryptographic Services [4],
returns cryptographically strong random bits with explicit status code.
This patch properly calls CCRandomGenerateBytes() and checks the status.
[1] https://www.freebsd.org/cgi/man.cgi?query=arc4random_buf
[2] https://opensource.apple.com/source/CommonCrypto/CommonCrypto-60178.40.2/lib/CommonRandom.c.auto.html
[3] https://opensource.apple.com/source/Libc/Libc-1439.40.11/gen/FreeBSD/arc4random.c.auto.html
[4] https://developer.apple.com/documentation/security
