Index: nss/lib/freebl/unix_rand.c |
=================================================================== |
--- nss/lib/freebl/unix_rand.c (revision 206814) |
+++ nss/lib/freebl/unix_rand.c (working copy) |
@@ -916,7 +916,7 @@ |
#if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \ |
|| defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \ |
|| defined(HPUX) |
- if (bytes) |
+ if (bytes == SYSTEM_RNG_SEED_COUNT) |
return; |
/* |
@@ -924,8 +924,9 @@ |
* |
* See crbug.com/244661 for details. |
*/ |
- fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
- "Abort process.\n", __FILE__, __LINE__); |
+ fprintf(stderr, "[ERROR:%s(%d)] NSS read %d bytes (expected %d bytes) " |
+ "from /dev/urandom. Abort process.\n", __FILE__, __LINE__, |
+ (int)bytes, SYSTEM_RNG_SEED_COUNT); |
wtc
2013/06/17 23:04:17
|bytes| is a size_t, so we need the (int) cast to
Ryan Sleevi
2013/06/17 23:19:17
Is NSS allowed to use C99, or is it limited to C89
|
fflush(stderr); |
abort(); |
#endif |
@@ -1133,6 +1134,11 @@ |
} |
} |
+/* |
+ * Modified to abort the process if it failed to read from /dev/urandom. |
+ * |
+ * See crbug.com/244661 for details. |
+ */ |
size_t RNG_SystemRNG(void *dest, size_t maxLen) |
{ |
FILE *file; |
@@ -1142,11 +1148,6 @@ |
file = fopen("/dev/urandom", "r"); |
if (file == NULL) { |
- /* |
- * Modified to abort the process if it failed to read from /dev/urandom. |
- * |
- * See crbug.com/244661 for details. |
- */ |
fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
"Abort process.\n", __FILE__, __LINE__); |
fflush(stderr); |
@@ -1162,8 +1163,10 @@ |
} |
fclose(file); |
if (fileBytes != maxLen) { |
- PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */ |
- fileBytes = 0; |
+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
+ "Abort process.\n", __FILE__, __LINE__); |
+ fflush(stderr); |
+ abort(); |
} |
return fileBytes; |
} |