Index: patches/nss-urandom-abort.patch |
=================================================================== |
--- patches/nss-urandom-abort.patch (revision 206814) |
+++ patches/nss-urandom-abort.patch (working copy) |
@@ -1,10 +1,13 @@ |
-Index: nss/lib/freebl/unix_rand.c |
+Index: unix_rand.c |
=================================================================== |
---- nss/lib/freebl/unix_rand.c (revision 204056) |
-+++ nss/lib/freebl/unix_rand.c (working copy) |
-@@ -918,6 +918,16 @@ |
+--- unix_rand.c (revision 203531) |
++++ unix_rand.c (working copy) |
+@@ -916,8 +916,19 @@ |
+ #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \ |
+ || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \ |
|| defined(HPUX) |
- if (bytes) |
+- if (bytes) |
++ if (bytes == SYSTEM_RNG_SEED_COUNT) |
return; |
+ |
+ /* |
@@ -12,23 +15,31 @@ |
+ * |
+ * See crbug.com/244661 for details. |
+ */ |
-+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
-+ "Abort process.\n", __FILE__, __LINE__); |
++ fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) " |
++ "from /dev/urandom. Abort process.\n", __FILE__, __LINE__, |
++ bytes, SYSTEM_RNG_SEED_COUNT); |
+ fflush(stderr); |
+ abort(); |
#endif |
#ifdef SOLARIS |
-@@ -1132,7 +1142,15 @@ |
+@@ -1123,6 +1134,11 @@ |
+ } |
+ } |
++/* |
++ * Modified to abort the process if it failed to read from /dev/urandom. |
++ * |
++ * See crbug.com/244661 for details. |
++ */ |
+ size_t RNG_SystemRNG(void *dest, size_t maxLen) |
+ { |
+ FILE *file; |
+@@ -1132,7 +1148,10 @@ |
+ |
file = fopen("/dev/urandom", "r"); |
if (file == NULL) { |
- return rng_systemFromNoise(dest, maxLen); |
-+ /* |
-+ * Modified to abort the process if it failed to read from /dev/urandom. |
-+ * |
-+ * See crbug.com/244661 for details. |
-+ */ |
+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
+ "Abort process.\n", __FILE__, __LINE__); |
+ fflush(stderr); |
@@ -36,3 +47,16 @@ |
} |
while (maxLen > fileBytes) { |
bytes = maxLen - fileBytes; |
+@@ -1144,8 +1163,10 @@ |
+ } |
+ fclose(file); |
+ if (fileBytes != maxLen) { |
+- PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */ |
+- fileBytes = 0; |
++ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " |
++ "Abort process.\n", __FILE__, __LINE__); |
++ fflush(stderr); |
++ abort(); |
+ } |
+ return fileBytes; |
+ } |