# HG changeset patch # User Bill Gianopoulos # Date 1570452567 14400 # Mon Oct 07 08:49:27 2019 -0400 # Node ID 45bcb7edc9c43f687eb73116b2023cf793737228 # Parent 4115dc9fa49df80570a5cd7c352c8c8bbf3e82b1 Bug 9999999 - Avoid use of getentropy in --enable-stdcxx-compat builds. diff --git a/security/moz.build b/security/moz.build --- a/security/moz.build +++ b/security/moz.build @@ -163,16 +163,18 @@ if CONFIG["OS_TARGET"] == "WINNT": if CONFIG["OS_TARGET"] == "Android": sandbox_vars["CFLAGS"] = [ "-include", TOPSRCDIR + "/security/manager/android_stub.h", ] if CONFIG["ANDROID_VERSION"]: sandbox_vars["CFLAGS"] += ["-DANDROID_VERSION=" + CONFIG["ANDROID_VERSION"]] +if CONFIG["MOZ_LIBSTDCXX_TARGET_VERSION"] or CONFIG["MOZ_LIBSTDCXX_HOST_VERSION"]: + sandbox_vars['CFLAGS'] = ['-DNSS_STDCXX_COMPAT'] if CONFIG["MOZ_SYSTEM_NSS"]: sandbox_vars["CXXFLAGS"] = CONFIG["NSS_CFLAGS"] GYP_DIRS["nss"].sandbox_vars = sandbox_vars GYP_DIRS["nss"].no_chromium = True GYP_DIRS["nss"].no_unified = True # This maps action names from gyp files to # Python scripts that can be used in moz.build GENERATED_FILES. GYP_DIRS["nss"].action_overrides = { diff --git a/security/nss/lib/freebl/unix_urandom.c b/security/nss/lib/freebl/unix_urandom.c --- a/security/nss/lib/freebl/unix_urandom.c +++ b/security/nss/lib/freebl/unix_urandom.c @@ -28,17 +28,21 @@ RNG_SystemInfoForRNG(void) size_t RNG_SystemRNG(void *dest, size_t maxLen) { int fd; int bytes; size_t fileBytes = 0; unsigned char *buffer = dest; -#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25)))) +#if !defined(NSS_STDCXX_COMPAT) && (defined(__OpenBSD__) || \ + (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || \ + (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || \ + ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25))))) + int result; while (fileBytes < maxLen) { size_t getBytes = maxLen - fileBytes; if (getBytes > GETENTROPY_MAX_BYTES) { getBytes = GETENTROPY_MAX_BYTES; } result = getentropy(buffer, getBytes);