[gnutls-devel] [PATCH] Fix library build on Chrome Native Client (NaCl)

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Apr 18 15:27:54 CEST 2016


Hi Kevin,
 (1) is very tricky. If we go that path the implicit initialization of
the library goes away. Is there some way to avoid it? E.g., can we
rely on getrandom() does nacl support it?

I've applied (2) in separate.

regards,
Nikos

On Sun, Apr 17, 2016 at 8:12 PM, Kevin Cernekee <cernekee at gmail.com> wrote:
> GnuTLS seems to mostly work under NaCl, but two items needed to be
> patched:
>
> 1) Automatically running gnutls_global_init() from the library
> constructor won't work, because /dev/urandom isn't available until
> the app initializes libnacl_io.  If the app wants to use the
> nacl_io_init_ppapi() API, this can only be called once the PP_Instance
> object is created, which happens after the library constructor runs.
>
> 2) Some supported toolchains define DT_UNKNOWN but do not define
> _DIRENT_HAVE_D_TYPE (and do not have the d_type field).  On other
> platforms GnuTLS may need to second-guess what the library is reporting,
> but on NaCl this is unsafe.
>
> For GnuTLS 3.4.x I'm carrying this as an out-of-tree patch[1], but it
> would be nice if it was incorporated into 3.5.x.
>
> Builds of the tools (certtool and such) under NaCl are untested and
> probably require additional work.
>
> [1] https://codereview.chromium.org/1892223002
> ---
>  lib/global.c            | 8 ++++++++
>  lib/x509/verify-high2.c | 2 +-
>  2 files changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/lib/global.c b/lib/global.c
> index f55851e7ea94..96c48ae040b0 100644
> --- a/lib/global.c
> +++ b/lib/global.c
> @@ -57,7 +57,15 @@
>  int __attribute__((weak)) _gnutls_global_init_skip(void);
>  int _gnutls_global_init_skip(void)
>  {
> +#ifdef __native_client__
> +       /* _gnutls_rnd_init() will fail if nacl_io_init() or
> +        * nacl_io_init_ppapi() has not run yet.  Only the app can invoke
> +        * the latter function (and only one can be called).
> +        */
> +       return 1;
> +#else
>         return 0;
> +#endif
>  }
>  #else
>  inline static int _gnutls_global_init_skip(void)
> diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c
> index e79aedc72de4..96f0ff6c274b 100644
> --- a/lib/x509/verify-high2.c
> +++ b/lib/x509/verify-high2.c
> @@ -37,7 +37,7 @@
>
>  #include <dirent.h>
>
> -#ifndef _DIRENT_HAVE_D_TYPE
> +#if !defined(_DIRENT_HAVE_D_TYPE) && !defined(__native_client__)
>  # ifdef DT_UNKNOWN
>  #  define _DIRENT_HAVE_D_TYPE
>  # endif
> --
> 2.8.0.rc3.226.g39d4020
>



More information about the Gnutls-devel mailing list