From a0ea7e64bc2f662bc5b0a7abe87a6032b39deff9 Mon Sep 17 00:00:00 2001 From: Marshall Greenblatt Date: Tue, 1 Oct 2019 14:30:07 +0300 Subject: [PATCH] Remove cef_sandbox dependency on boringssl MD5/SHA1 functions (fixes issue #2743) --- libcef/features/BUILD.gn | 1 + libcef/features/features.gni | 7 +++++ patch/patch.cfg | 5 ++++ patch/patches/base_sandbox_2743.patch | 40 +++++++++++++++++++++++++++ tools/gn_args.py | 4 +++ 5 files changed, 57 insertions(+) create mode 100644 patch/patches/base_sandbox_2743.patch diff --git a/libcef/features/BUILD.gn b/libcef/features/BUILD.gn index 8c19cd247..01f59751f 100644 --- a/libcef/features/BUILD.gn +++ b/libcef/features/BUILD.gn @@ -81,6 +81,7 @@ buildflag_header("features") { flags = [ "ENABLE_CEF=$enable_cef", + "IS_CEF_SANDBOX_BUILD=$is_cef_sandbox_build", ] } diff --git a/libcef/features/features.gni b/libcef/features/features.gni index 67866d4ee..7d7ae4971 100644 --- a/libcef/features/features.gni +++ b/libcef/features/features.gni @@ -4,4 +4,11 @@ declare_args() { enable_cef = true + + # Enables base target customizations necessary for distribution of the + # cef_sandbox static library. This value will be set via gn_args.py for the + # official sandbox build configurations only. DO NOT SET THIS VALUE MANUALLY + # FOR OTHER CHROMIUM/CEF BUILD CONFIGURATIONS AS ITS USE MAY HAVE SIGNIFICANT + # PERFORMANCE AND/OR SECURITY IMPLICATIONS. + is_cef_sandbox_build = false } diff --git a/patch/patch.cfg b/patch/patch.cfg index 20b668bd0..72917f476 100644 --- a/patch/patch.cfg +++ b/patch/patch.cfg @@ -434,6 +434,11 @@ patches = [ # https://bitbucket.org/chromiumembedded/cef/issues/123 'name': 'print_preview_123', }, + { + # Remove cef_sandbox dependency on boringssl MD5/SHA1 functions. + # https://bitbucket.org/chromiumembedded/cef/issues/2743 + 'name': 'base_sandbox_2743', + }, { # Fix execution of OnAccessibilityLocationChange by adding the following # Chromium change: diff --git a/patch/patches/base_sandbox_2743.patch b/patch/patches/base_sandbox_2743.patch new file mode 100644 index 000000000..357dc666a --- /dev/null +++ b/patch/patches/base_sandbox_2743.patch @@ -0,0 +1,40 @@ +diff --git base/BUILD.gn base/BUILD.gn +index 1351225a7d5c..d84ab9e2df35 100644 +--- base/BUILD.gn ++++ base/BUILD.gn +@@ -31,6 +31,7 @@ import("//build/config/sysroot.gni") + import("//build/config/ui.gni") + import("//build/nocompile.gni") + import("//build/timestamp.gni") ++import("//cef/libcef/features/features.gni") + import("//testing/libfuzzer/fuzzer_test.gni") + import("//testing/test.gni") + +@@ -1595,7 +1596,11 @@ jumbo_component("base") { + "hash/md5_constexpr_internal.h", + "hash/sha1.h", + ] +- if (is_nacl) { ++ deps += [ "//cef/libcef/features" ] ++ if (enable_cef) { ++ configs += [ "//cef/libcef/features:config" ] ++ } ++ if (is_nacl || is_cef_sandbox_build) { + sources += [ + "hash/md5_nacl.cc", + "hash/md5_nacl.h", +diff --git base/hash/md5.h base/hash/md5.h +index 8a49f08dcb04..2f03d7a6d1b3 100644 +--- base/hash/md5.h ++++ base/hash/md5.h +@@ -10,8 +10,9 @@ + #include "base/base_export.h" + #include "base/strings/string_piece.h" + #include "build/build_config.h" ++#include "cef/libcef/features/features.h" + +-#if defined(OS_NACL) ++#if defined(OS_NACL) || BUILDFLAG(IS_CEF_SANDBOX_BUILD) + #include "base/hash/md5_nacl.h" + #else + #include "base/hash/md5_boringssl.h" diff --git a/tools/gn_args.py b/tools/gn_args.py index 798880c33..d8cc754e5 100644 --- a/tools/gn_args.py +++ b/tools/gn_args.py @@ -445,6 +445,10 @@ def GetConfigArgsSandbox(platform, args, is_debug, cpu): # Avoid /LTCG linker warnings and generate smaller lib files. 'is_official_build': False, + + # Enable base target customizations necessary for distribution of the + # cef_sandbox static library. + 'is_cef_sandbox_build': True, } if is_debug: