
new getentropy patch

Bill Gianopoulos 3 years ago
parent
commit
a563a6d978

+ 56 - 0
mozilla-central/patches/9999999-NSSgetentropy.patch

@@ -0,0 +1,56 @@
+# HG changeset patch
+# User Bill Gianopoulos <wgianopoulos@gmail.com>
+# Date 1570452567 14400
+#      Mon Oct 07 08:49:27 2019 -0400
+# Node ID 45bcb7edc9c43f687eb73116b2023cf793737228
+# Parent  4115dc9fa49df80570a5cd7c352c8c8bbf3e82b1
+Bug 9999999 - Avoid use of getentropy in --enable-stdcxx-compat builds.
+
+diff --git a/security/moz.build b/security/moz.build
+--- a/security/moz.build
++++ b/security/moz.build
+@@ -137,16 +137,18 @@ if CONFIG['OS_TARGET'] == 'WINNT':
+ if CONFIG['OS_TARGET'] == 'Android':
+     sandbox_vars['CFLAGS'] = [
+         '-include', TOPSRCDIR + '/security/manager/android_stub.h',
+         # Setting sandbox_vars['DEFINES'] is broken currently.
+         '-DCHECK_FORK_GETPID',
+     ]
+     if CONFIG['ANDROID_VERSION']:
+         sandbox_vars['CFLAGS'] += ['-DANDROID_VERSION=' + CONFIG['ANDROID_VERSION']]
++if CONFIG["MOZ_LIBSTDCXX_TARGET_VERSION"] or CONFIG["MOZ_LIBSTDCXX_HOST_VERSION"]:
++    sandbox_vars['CFLAGS'] = ['-DNSS_STDCXX_COMPAT']
+ if CONFIG['MOZ_SYSTEM_NSS']:
+     sandbox_vars['CXXFLAGS'] = CONFIG['NSS_CFLAGS']
+ GYP_DIRS['nss'].sandbox_vars = sandbox_vars
+ GYP_DIRS['nss'].no_chromium = True
+ GYP_DIRS['nss'].no_unified = True
+ # This maps action names from gyp files to
+ # Python scripts that can be used in moz.build GENERATED_FILES.
+ GYP_DIRS['nss'].action_overrides = {
+diff --git a/security/nss/lib/freebl/unix_urandom.c b/security/nss/lib/freebl/unix_urandom.c
+--- a/security/nss/lib/freebl/unix_urandom.c
++++ b/security/nss/lib/freebl/unix_urandom.c
+@@ -27,17 +27,21 @@ RNG_SystemInfoForRNG(void)
+ size_t
+ RNG_SystemRNG(void *dest, size_t maxLen)
+ {
+     int fd;
+     int bytes;
+     size_t fileBytes = 0;
+     unsigned char *buffer = dest;
+ 
+-#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25))))
++#if !defined(NSS_STDCXX_COMPAT) && (defined(__OpenBSD__) || \
++    (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || \
++    (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || \
++    ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25)))))
++
+     int result;
+ 
+     while (fileBytes < maxLen) {
+         size_t getBytes = maxLen - fileBytes;
+         if (getBytes > GETENTROPY_MAX_BYTES) {
+             getBytes = GETENTROPY_MAX_BYTES;
+         }
+         result = getentropy(buffer, getBytes);
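Review bot: The new moz.build line `sandbox_vars['CFLAGS'] = ['-DNSS_STDCXX_COMPAT']` assigns instead of appending, so on an Android target that also has MOZ_LIBSTDCXX_TARGET_VERSION or MOZ_LIBSTDCXX_HOST_VERSION set it silently drops the `-include android_stub.h` and `-DCHECK_FORK_GETPID` flags set a few lines above; `sandbox_vars['CFLAGS'] = sandbox_vars.get('CFLAGS', []) + ['-DNSS_STDCXX_COMPAT']` keeps both (assuming sandbox_vars is a plain dict, which the `+=` on the Android branch suggests). The define also needs a one-line comment stating why it exists, presumably that the older glibc targeted by stdcxx-compat builds lacks getentropy(), because its effect is to send RNG_SystemRNG in unix_urandom.c straight to the /dev/urandom read path that otherwise serves only as the ENOSYS fallback, and unlike getentropy() a /dev/urandom read does not wait for the kernel pool to be seeded, so that trade-off belongs next to the flag. In the unix_urandom.c hunk the stray blank `+` line after the rewritten `#if` can be dropped, and the matching `#endif` lies outside the hunk.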

+ 0 - 47
mozilla-central/patches/PPPPPPP-killgetentropy.patch

@@ -1,47 +0,0 @@
-# HG changeset patch
-# User Bill Gianopoulos <wgianopoulos@gmail.com>
-# Date 1570452567 14400
-#      Mon Oct 07 08:49:27 2019 -0400
-# Node ID 45bcb7edc9c43f687eb73116b2023cf793737228
-# Parent  3eec4b8d3eed8bdd316fdc4e4a10e04e834ec130
-No bug - Increase backwards compatibility by avoiding use of getentropy.
-
-diff --git a/security/nss/lib/freebl/unix_urandom.c b/security/nss/lib/freebl/unix_urandom.c
---- a/security/nss/lib/freebl/unix_urandom.c
-+++ b/security/nss/lib/freebl/unix_urandom.c
-@@ -28,16 +28,17 @@ RNG_SystemInfoForRNG(void)
- size_t
- RNG_SystemRNG(void *dest, size_t maxLen)
- {
-     int fd;
-     int bytes;
-     size_t fileBytes = 0;
-     unsigned char *buffer = dest;
- 
- #if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25))))
-+  #if 0
-     int result;
- 
-     while (fileBytes < maxLen) {
-         size_t getBytes = maxLen - fileBytes;
-         if (getBytes > GETENTROPY_MAX_BYTES) {
-             getBytes = GETENTROPY_MAX_BYTES;
-         }
-@@ -57,16 +58,17 @@ RNG_SystemRNG(void *dest, size_t maxLen)
-     if (errno != ENOSYS) {
-         PORT_SetError(SEC_ERROR_NEED_RANDOM);
-         return 0;
-     }
-     /* ENOSYS means the kernel doesn't support getentropy()/getrandom().
-      * Reset the number of bytes to get and fall back to /dev/urandom. */
-     fileBytes = 0;
-+  #endif
- #endif
-     fd = open("/dev/urandom", O_RDONLY);
-     if (fd < 0) {
-         PORT_SetError(SEC_ERROR_NEED_RANDOM);
-         return 0;
-     }
-     while (fileBytes < maxLen) {
-         bytes = read(fd, buffer, maxLen - fileBytes);
-         if (bytes <= 0) {