macos: Cleanup SecRandom type #28
Conversation
There was a problem hiding this comment.
I wasn't aware of this. I found the section on Handling Zero-Sized Types in the nomicon, but it only talks about issues with allocation and iterators — we don't appear to do either here.
What our version of OpaquePointer is missing is alignment info, though given that we only ever construct the address 0 it shouldn't matter.
Also, I guess usize is always the same as libc::size_t but can we actually rely on that?
|
IIUC this is one of the use-cases for extern types (currently unstable) and uninhabited types is a common workaround, which I've seen in several places. I am not sure if this PR is correct, citing the
|
Right now `SecRandom` is an uninhabited type. However, opaque pointers are not supposed to be pointers to uninhabited types or ZSTs. This issue was solved in `core` by introducing `core::ffi:c_void` that just does all the right things. This PR: - Changes `SecRandom` to be a `transparent` wrapper around `c_void`. - Links `kSecRandomDefault` instead of defining it ourself. - Should not change any behavior on macos.
src/macos.rs
Outdated
| @@ -11,29 +11,23 @@ extern crate std; | |||
|
|
|||
| use crate::Error; | |||
| use std::io; | |||
| use core::ffi::c_void; | |||
There was a problem hiding this comment.
You don't need this import anymore.
Whoops, missed that. Fixed to do what the nomicon says (use a private ZST field) and link to the Github issue on
So this assumption is built deep into how Rust interfaces with C libraries. If a platform is supportted by |
Right now
SecRandomis an uninhabited type. However, opaque pointersare not supposed to be pointers to uninhabited types or ZSTs. This
issue was solved in
coreby introducingcore::ffi:c_voidthat justdoes all the right things.
This PR:
SecRandomto be atransparentwrapper aroundc_void.kSecRandomDefaultinstead of defining it ourself.