Bug 1590972 - Use -std=c99 for all C code, r=jcj
authorMartin Thomson <mt@lowentropy.net>
Mon, 28 Oct 2019 22:55:09 +0000
changeset 15365 dbba7db4b79d43ff5e2e655f7a978eb5e43d6458
parent 15364 58f2471ace3b33d8a055b9e37921da8b960136e3
child 15366 6619bb43d746307df1db57bdd5bbaa17aaec6337
push id3560
push usermthomson@mozilla.com
push dateWed, 30 Oct 2019 22:54:19 +0000
reviewersjcj
bugs1590972
Bug 1590972 - Use -std=c99 for all C code, r=jcj This switches to using -std=c99 for compiling all C code. Previously, we only enabled this option for lib/freebl and lib/ssl. For Linux, this means we need to define _DEFAULT_SOURCE to access some of the functions we use. On glibc 2.12 (our oldest supported version), we also need to define _BSD_SOURCE to access these functions. The only tricky part is dealing with partial C99 implementation in gcc 4.4. From what I've seen, the only problem is that - in that mode - it doesn't support nesting of unnamed fields: https://gcc.gnu.org/onlinedocs/gcc-4.4.7/gcc/Unnamed-Fields.html This also switches from -std=c++0x to -std=c++11 as the 0x variant, though identical in meaning, is deprecated. Differential Revision: https://phabricator.services.mozilla.com/D50421
coreconf/Linux.mk
coreconf/WIN32.mk
coreconf/command.mk
coreconf/config.gypi
coreconf/rules.mk
lib/freebl/aes-armv8.c
lib/freebl/aes-x86.c
lib/freebl/config.mk
lib/freebl/freebl.gyp
lib/freebl/intel-aes.h
lib/freebl/intel-gcm-wrap.c
lib/freebl/rijndael.c
lib/freebl/rijndael.h
lib/ssl/config.mk
lib/ssl/ssl.gyp
--- a/coreconf/Linux.mk
+++ b/coreconf/Linux.mk
@@ -16,16 +16,17 @@ ifneq ($(OS_TARGET),Android)
 	USE_PTHREADS = 1
 endif
 
 ifeq ($(USE_PTHREADS),1)
 	IMPL_STRATEGY = _PTH
 endif
 
 DEFAULT_COMPILER = gcc
+DEFINES += -D_DEFAULT_SOURCE -D_BSD_SOURCE
 
 ifeq ($(OS_TARGET),Android)
 ifndef ANDROID_NDK
 	$(error Must set ANDROID_NDK to the path to the android NDK first)
 endif
 ifndef ANDROID_TOOLCHAIN_VERSION
 	$(error Must set ANDROID_TOOLCHAIN_VERSION to the requested version number)
 endif
--- a/coreconf/WIN32.mk
+++ b/coreconf/WIN32.mk
@@ -256,16 +256,22 @@ ifdef USE_64
 	AS	= ml64.exe
 	ASFLAGS = -nologo -Cp -Sn -Zi $(INCLUDES)
 else
 	AS	= ml.exe
 	ASFLAGS = -nologo -Cp -Sn -Zi -coff -safeseh $(INCLUDES)
 endif
 endif
 
+# clear any CSTD and CXXSTD unless we're using GCC
+ifndef NS_USE_GCC
+        CSTD    =
+        CXXSTD  =
+endif
+
 #
 # override the definitions of RELEASE_TREE found in tree.mk
 #
 ifndef RELEASE_TREE
     ifdef BUILD_SHIP
 	ifdef USE_SHIPS
 	    RELEASE_TREE = $(NTBUILD_SHIP)
 	else
--- a/coreconf/command.mk
+++ b/coreconf/command.mk
@@ -9,16 +9,18 @@
 #######################################################################
 
 AS            = $(CC)
 ASFLAGS      += $(CFLAGS)
 CCF           = $(CC) $(CFLAGS)
 LINK_DLL      = $(LD) $(OS_DLLFLAGS) $(DLLFLAGS) $(XLDFLAGS)
 CFLAGS        = $(OPTIMIZER) $(OS_CFLAGS) $(WARNING_CFLAGS) $(XP_DEFINE) \
                 $(DEFINES) $(INCLUDES) $(XCFLAGS)
+CSTD          = -std=c99
+CXXSTD        = -std=c++11
 PERL          = perl
 RANLIB        = echo
 TAR           = /bin/tar
 #
 # For purify
 #
 NOMD_CFLAGS  += $(OPTIMIZER) $(NOMD_OS_CFLAGS) $(XP_DEFINE) $(DEFINES) \
 		$(INCLUDES) $(XCFLAGS)
--- a/coreconf/config.gypi
+++ b/coreconf/config.gypi
@@ -350,16 +350,18 @@
           ],
         },
         'conditions': [
           [ 'OS=="linux" or OS=="android"', {
             'defines': [
               'LINUX2_1',
               'LINUX',
               'linux',
+              '_DEFAULT_SOURCE', # for <endian.h> functions, strdup, realpath, and getentropy
+              '_BSD_SOURCE', # for the above in glibc <= 2.19
             ],
           }],
           [ 'OS=="dragonfly" or OS=="freebsd"', {
             'defines': [
               'FREEBSD',
             ],
           }],
           [ 'OS=="netbsd"', {
@@ -386,18 +388,21 @@
           }],
           [ 'OS!="mac" and OS!="ios" and OS!="win"', {
             'cflags': [
               '-fPIC',
               '-pipe',
               '-ffunction-sections',
               '-fdata-sections',
             ],
+            'cflags_c': [
+              '-std=c99',
+            ],
             'cflags_cc': [
-              '-std=c++0x',
+              '-std=c++11',
             ],
             'ldflags': [
               '-z', 'noexecstack',
             ],
             'conditions': [
               [ 'target_arch=="ia32"', {
                 'cflags': ['-m32'],
                 'ldflags': ['-m32'],
--- a/coreconf/rules.mk
+++ b/coreconf/rules.mk
@@ -386,33 +386,33 @@ endif
 endif
 
 # The quotes allow absolute paths to contain spaces.
 core_abspath = '$(if $(findstring :,$(1)),$(1),$(if $(filter /%,$(1)),$(1),$(PWD)/$(1)))'
 
 $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.c
 	@$(MAKE_OBJDIR)
 ifdef USE_NT_C_SYNTAX
-	$(CC) -Fo$@ -c $(CFLAGS) $(call core_abspath,$<)
+	$(CC) -Fo$@ -c $(CSTD) $(CFLAGS) $(call core_abspath,$<)
 else
 ifdef NEED_ABSOLUTE_PATH
-	$(CC) -o $@ -c $(CFLAGS) $(call core_abspath,$<)
+	$(CC) -o $@ -c $(CSTD) $(CFLAGS) $(call core_abspath,$<)
 else
-	$(CC) -o $@ -c $(CFLAGS) $<
+	$(CC) -o $@ -c $(CSTD) $(CFLAGS) $<
 endif
 endif
 
 $(PROG_PREFIX)%$(OBJ_SUFFIX): %.c
 ifdef USE_NT_C_SYNTAX
-	$(CC) -Fo$@ -c $(CFLAGS) $(call core_abspath,$<)
+	$(CC) -Fo$@ -c $(CSTD) $(CFLAGS) $(call core_abspath,$<)
 else
 ifdef NEED_ABSOLUTE_PATH
-	$(CC) -o $@ -c $(CFLAGS) $(call core_abspath,$<)
+	$(CC) -o $@ -c $(CSTD) $(CFLAGS) $(call core_abspath,$<)
 else
-	$(CC) -o $@ -c $(CFLAGS) $<
+	$(CC) -o $@ -c $(CSTD) $(CFLAGS) $<
 endif
 endif
 
 ifneq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
 $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.s
 	@$(MAKE_OBJDIR)
 	$(AS) -o $@ $(ASFLAGS) -c $<
 endif
@@ -423,60 +423,60 @@ endif
 
 $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.S
 	@$(MAKE_OBJDIR)
 	$(AS) -o $@ $(ASFLAGS) -c $<
 
 $(OBJDIR)/$(PROG_PREFIX)%: %.cpp
 	@$(MAKE_OBJDIR)
 ifdef USE_NT_C_SYNTAX
-	$(CCC) -Fo$@ -c $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
+	$(CCC) -Fo$@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
 else
 ifdef NEED_ABSOLUTE_PATH
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
 else
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $<
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $<
 endif
 endif
 
 #
 # Please keep the next two rules in sync.
 #
 $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.cc
 	$(MAKE_OBJDIR)
 ifdef STRICT_CPLUSPLUS_SUFFIX
 	echo "#line 1 \"$<\"" | cat - $< > $(OBJDIR)/t_$*.cc
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $(OBJDIR)/t_$*.cc
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(OBJDIR)/t_$*.cc
 	rm -f $(OBJDIR)/t_$*.cc
 else
 ifdef USE_NT_C_SYNTAX
-	$(CCC) -Fo$@ -c $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
+	$(CCC) -Fo$@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
 else
 ifdef NEED_ABSOLUTE_PATH
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
 else
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $<
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $<
 endif
 endif
 endif #STRICT_CPLUSPLUS_SUFFIX
 
 $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.cpp
 	@$(MAKE_OBJDIR)
 ifdef STRICT_CPLUSPLUS_SUFFIX
 	echo "#line 1 \"$<\"" | cat - $< > $(OBJDIR)/t_$*.cc
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $(OBJDIR)/t_$*.cc
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(OBJDIR)/t_$*.cc
 	rm -f $(OBJDIR)/t_$*.cc
 else
 ifdef USE_NT_C_SYNTAX
-	$(CCC) -Fo$@ -c $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
+	$(CCC) -Fo$@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
 else
 ifdef NEED_ABSOLUTE_PATH
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $(call core_abspath,$<)
 else
-	$(CCC) -o $@ -c $(CFLAGS) $(CXXFLAGS) $<
+	$(CCC) -o $@ -c $(CXXSTD) $(CFLAGS) $(CXXFLAGS) $<
 endif
 endif
 endif #STRICT_CPLUSPLUS_SUFFIX
 
 %.i: %.cpp
 	$(CCC) -C -E $(CFLAGS) $(CXXFLAGS) $< > $@
 
 %.i: %.c
--- a/lib/freebl/aes-armv8.c
+++ b/lib/freebl/aes-armv8.c
@@ -24,17 +24,17 @@ arm_aes_encrypt_ecb_128(AESContext *cx, 
                         unsigned int inputLen,
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     key1 = vld1q_u8(key);
     key2 = vld1q_u8(key + 16);
     key3 = vld1q_u8(key + 32);
@@ -109,17 +109,17 @@ arm_aes_decrypt_ecb_128(AESContext *cx, 
                         unsigned int inputLen,
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (inputLen == 0) {
         return SECSuccess;
     }
 
     key1 = vld1q_u8(key);
     key2 = vld1q_u8(key + 16);
     key3 = vld1q_u8(key + 32);
@@ -195,17 +195,17 @@ arm_aes_encrypt_cbc_128(AESContext *cx, 
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11;
     uint8x16_t iv;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     /* iv */
     iv = vld1q_u8(cx->iv);
 
@@ -289,17 +289,17 @@ arm_aes_decrypt_cbc_128(AESContext *cx, 
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t iv;
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     /* iv */
     iv = vld1q_u8(cx->iv);
 
@@ -384,17 +384,17 @@ arm_aes_encrypt_ecb_192(AESContext *cx, 
                         unsigned int inputLen,
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13;
-    PRUint8 *key = (PRUint8 *)cx->expandedKey;
+    PRUint8 *key = (PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     key1 = vld1q_u8(key);
     key2 = vld1q_u8(key + 16);
     key3 = vld1q_u8(key + 32);
@@ -475,17 +475,17 @@ arm_aes_decrypt_ecb_192(AESContext *cx, 
                         unsigned int inputLen,
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     key1 = vld1q_u8(key);
     key2 = vld1q_u8(key + 16);
     key3 = vld1q_u8(key + 32);
@@ -567,17 +567,17 @@ arm_aes_encrypt_cbc_192(AESContext *cx, 
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13;
     uint8x16_t iv;
-    PRUint8 *key = (PRUint8 *)cx->expandedKey;
+    PRUint8 *key = (PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     /* iv */
     iv = vld1q_u8(cx->iv);
 
@@ -666,17 +666,17 @@ arm_aes_decrypt_cbc_192(AESContext *cx, 
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t iv;
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     /* iv */
     iv = vld1q_u8(cx->iv);
 
@@ -767,17 +767,17 @@ arm_aes_encrypt_ecb_256(AESContext *cx, 
                         unsigned int inputLen,
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13, key14, key15;
-    PRUint8 *key = (PRUint8 *)cx->expandedKey;
+    PRUint8 *key = (PRUint8 *)cx->k.expandedKey;
 
     if (inputLen == 0) {
         return SECSuccess;
     }
 
     key1 = vld1q_u8(key);
     key2 = vld1q_u8(key + 16);
     key3 = vld1q_u8(key + 32);
@@ -863,17 +863,17 @@ arm_aes_decrypt_ecb_256(AESContext *cx, 
                         unsigned int inputLen,
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13, key14, key15;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     key1 = vld1q_u8(key);
     key2 = vld1q_u8(key + 16);
     key3 = vld1q_u8(key + 32);
@@ -961,17 +961,17 @@ arm_aes_encrypt_cbc_256(AESContext *cx, 
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13, key14, key15;
     uint8x16_t iv;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     /* iv */
     iv = vld1q_u8(cx->iv);
 
@@ -1067,17 +1067,17 @@ arm_aes_decrypt_cbc_256(AESContext *cx, 
                         unsigned int blocksize)
 {
 #if !defined(HAVE_UNALIGNED_ACCESS)
     pre_align unsigned char buf[16] post_align;
 #endif
     uint8x16_t iv;
     uint8x16_t key1, key2, key3, key4, key5, key6, key7, key8, key9, key10;
     uint8x16_t key11, key12, key13, key14, key15;
-    const PRUint8 *key = (const PRUint8 *)cx->expandedKey;
+    const PRUint8 *key = (const PRUint8 *)cx->k.expandedKey;
 
     if (!inputLen) {
         return SECSuccess;
     }
 
     /* iv */
     iv = vld1q_u8(cx->iv);
 
--- a/lib/freebl/aes-x86.c
+++ b/lib/freebl/aes-x86.c
@@ -16,17 +16,17 @@
     tmp = _mm_xor_si128(k, _mm_slli_si128(k, 4));     \
     tmp = _mm_xor_si128(tmp, _mm_slli_si128(tmp, 4)); \
     tmp = _mm_xor_si128(tmp, _mm_slli_si128(tmp, 4)); \
     res = _mm_xor_si128(tmp, tmp_key)
 
 static void
 native_key_expansion128(AESContext *cx, const unsigned char *key)
 {
-    __m128i *keySchedule = cx->keySchedule;
+    __m128i *keySchedule = cx->k.keySchedule;
     pre_align __m128i tmp_key post_align;
     pre_align __m128i tmp post_align;
     keySchedule[0] = _mm_loadu_si128((__m128i *)key);
     EXPAND_KEY128(keySchedule[0], 0x01, keySchedule[1]);
     EXPAND_KEY128(keySchedule[1], 0x02, keySchedule[2]);
     EXPAND_KEY128(keySchedule[2], 0x04, keySchedule[3]);
     EXPAND_KEY128(keySchedule[3], 0x08, keySchedule[4]);
     EXPAND_KEY128(keySchedule[4], 0x10, keySchedule[5]);
@@ -56,17 +56,17 @@ native_key_expansion128(AESContext *cx, 
                                            _mm_castsi128_pd(tmp3), 0));  \
     res2 = _mm_castpd_si128(_mm_shuffle_pd(_mm_castsi128_pd(tmp3),       \
                                            _mm_castsi128_pd(carry), 1)); \
     EXPAND_KEY192_PART1(res3, tmp3, carry, rcon2)
 
 static void
 native_key_expansion192(AESContext *cx, const unsigned char *key)
 {
-    __m128i *keySchedule = cx->keySchedule;
+    __m128i *keySchedule = cx->k.keySchedule;
     pre_align __m128i tmp1 post_align;
     pre_align __m128i tmp2 post_align;
     pre_align __m128i tmp3 post_align;
     pre_align __m128i carry post_align;
     keySchedule[0] = _mm_loadu_si128((__m128i *)key);
     keySchedule[1] = _mm_loadu_si128((__m128i *)(key + 16));
     EXPAND_KEY192(keySchedule[0], keySchedule[1], keySchedule[2],
                   keySchedule[3], carry, 0x1, 0x2);
@@ -91,17 +91,17 @@ native_key_expansion192(AESContext *cx, 
 
 #define EXPAND_KEY256(res1, res2, k1, k2, rcon)   \
     EXPAND_KEY256_PART(res1, rcon, k1, k2, 0xFF); \
     EXPAND_KEY256_PART(res2, 0x00, k2, res1, 0xAA)
 
 static void
 native_key_expansion256(AESContext *cx, const unsigned char *key)
 {
-    __m128i *keySchedule = cx->keySchedule;
+    __m128i *keySchedule = cx->k.keySchedule;
     pre_align __m128i tmp_key post_align;
     pre_align __m128i tmp1 post_align;
     pre_align __m128i tmp2 post_align;
     keySchedule[0] = _mm_loadu_si128((__m128i *)key);
     keySchedule[1] = _mm_loadu_si128((__m128i *)(key + 16));
     EXPAND_KEY256(keySchedule[2], keySchedule[3], keySchedule[0],
                   keySchedule[1], 0x01);
     EXPAND_KEY256(keySchedule[4], keySchedule[5], keySchedule[2],
@@ -143,15 +143,15 @@ rijndael_native_key_expansion(AESContext
 
 void
 rijndael_native_encryptBlock(AESContext *cx,
                              unsigned char *output,
                              const unsigned char *input)
 {
     int i;
     pre_align __m128i m post_align = _mm_loadu_si128((__m128i *)input);
-    m = _mm_xor_si128(m, cx->keySchedule[0]);
+    m = _mm_xor_si128(m, cx->k.keySchedule[0]);
     for (i = 1; i < cx->Nr; ++i) {
-        m = _mm_aesenc_si128(m, cx->keySchedule[i]);
+        m = _mm_aesenc_si128(m, cx->k.keySchedule[i]);
     }
-    m = _mm_aesenclast_si128(m, cx->keySchedule[cx->Nr]);
+    m = _mm_aesenclast_si128(m, cx->k.keySchedule[cx->Nr]);
     _mm_storeu_si128((__m128i *)output, m);
 }
--- a/lib/freebl/config.mk
+++ b/lib/freebl/config.mk
@@ -85,18 +85,13 @@ EXTRA_SHARED_LIBS += \
 	-L$(NSSUTIL_LIB_DIR) \
 	-lnssutil3 \
 	-L$(NSPR_LIB_DIR) \
 	-lnspr4 \
 	$(NULL)
 endif
 endif
 
-ifeq (,$(filter-out DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
-CFLAGS += -std=gnu99
-endif
-
 ifeq ($(OS_ARCH), Darwin)
-CFLAGS += -std=gnu99
 EXTRA_SHARED_LIBS += -dylib_file @executable_path/libplc4.dylib:$(DIST)/lib/libplc4.dylib -dylib_file @executable_path/libplds4.dylib:$(DIST)/lib/libplds4.dylib
 endif
 
 endif
--- a/lib/freebl/freebl.gyp
+++ b/lib/freebl/freebl.gyp
@@ -356,25 +356,16 @@
       'SHLIB_SUFFIX=\"<(dll_suffix)\"',
       'SHLIB_PREFIX=\"<(dll_prefix)\"',
       'SHLIB_VERSION=\"3\"',
       'SOFTOKEN_SHLIB_VERSION=\"3\"',
       'RIJNDAEL_INCLUDE_TABLES',
       'MP_API_COMPATIBLE'
     ],
     'conditions': [
-      [ 'OS=="mac"', {
-        'xcode_settings': {
-          # I'm not sure since when this is supported.
-          # But I hope that doesn't matter. We also assume this is x86/x64.
-          'OTHER_CFLAGS': [
-            '-std=gnu99',
-          ],
-        },
-      }],
       [ 'OS=="win" and target_arch=="ia32"', {
         'msvs_settings': {
           'VCCLCompilerTool': {
             #TODO: -Ox optimize flags
             'PreprocessorDefinitions': [
               'MP_ASSEMBLY_MULTIPLY',
               'MP_ASSEMBLY_SQUARE',
               'MP_ASSEMBLY_DIV_2DX1D',
@@ -419,24 +410,16 @@
           'KRML_NOUINT128',
         ],
       }],
       [ 'OS=="linux"', {
         'defines': [
           'FREEBL_LOWHASH',
           'FREEBL_NO_DEPEND',
         ],
-        'cflags': [
-          '-std=gnu99',
-        ],
-      }],
-      [ 'OS=="dragonfly" or OS=="freebsd" or OS=="netbsd" or OS=="openbsd"', {
-        'cflags': [
-          '-std=gnu99',
-        ],
       }],
       [ 'OS=="linux" or OS=="android"', {
         'conditions': [
           [ 'target_arch=="x64"', {
             'defines': [
               'MP_IS_LITTLE_ENDIAN',
               'NSS_BEVAND_ARCFOUR',
               'MPI_AMD64',
--- a/lib/freebl/intel-aes.h
+++ b/lib/freebl/intel-aes.h
@@ -118,26 +118,26 @@ SECStatus intel_aes_encrypt_ctr_256(CTRC
                             : (keysize) == 24 ? intel_aes_decrypt_cbc_192  \
                                               : intel_aes_decrypt_cbc_256))
 
 #define intel_aes_ctr_worker(nr)                         \
     ((nr) == 10 ? intel_aes_encrypt_ctr_128              \
                 : (nr) == 12 ? intel_aes_encrypt_ctr_192 \
                              : intel_aes_encrypt_ctr_256)
 
-#define native_aes_init(encrypt, keysize)                         \
-    do {                                                          \
-        if (encrypt) {                                            \
-            if (keysize == 16)                                    \
-                intel_aes_encrypt_init_128(key, cx->expandedKey); \
-            else if (keysize == 24)                               \
-                intel_aes_encrypt_init_192(key, cx->expandedKey); \
-            else                                                  \
-                intel_aes_encrypt_init_256(key, cx->expandedKey); \
-        } else {                                                  \
-            if (keysize == 16)                                    \
-                intel_aes_decrypt_init_128(key, cx->expandedKey); \
-            else if (keysize == 24)                               \
-                intel_aes_decrypt_init_192(key, cx->expandedKey); \
-            else                                                  \
-                intel_aes_decrypt_init_256(key, cx->expandedKey); \
-        }                                                         \
+#define native_aes_init(encrypt, keysize)                           \
+    do {                                                            \
+        if (encrypt) {                                              \
+            if (keysize == 16)                                      \
+                intel_aes_encrypt_init_128(key, cx->k.expandedKey); \
+            else if (keysize == 24)                                 \
+                intel_aes_encrypt_init_192(key, cx->k.expandedKey); \
+            else                                                    \
+                intel_aes_encrypt_init_256(key, cx->k.expandedKey); \
+        } else {                                                    \
+            if (keysize == 16)                                      \
+                intel_aes_decrypt_init_128(key, cx->k.expandedKey); \
+            else if (keysize == 24)                                 \
+                intel_aes_decrypt_init_192(key, cx->k.expandedKey); \
+            else                                                    \
+                intel_aes_decrypt_init_256(key, cx->k.expandedKey); \
+        }                                                           \
     } while (0)
--- a/lib/freebl/intel-gcm-wrap.c
+++ b/lib/freebl/intel-gcm-wrap.c
@@ -84,17 +84,17 @@ intel_AES_GCM_CreateContext(void *contex
 
     /* initialize context fields */
     gcm->aes_context = aes;
     gcm->tagBits = gcmParams->ulTagBits;
     gcm->Alen = 0;
     gcm->Mlen = 0;
 
     /* first prepare H and its derivatives for ghash */
-    intel_aes_gcmINIT(gcm->Htbl, (unsigned char *)aes->expandedKey, aes->Nr);
+    intel_aes_gcmINIT(gcm->Htbl, (unsigned char *)aes->k.expandedKey, aes->Nr);
 
     /* Initial TAG value is zero */
     _mm_storeu_si128((__m128i *)gcm->T, _mm_setzero_si128());
     _mm_storeu_si128((__m128i *)gcm->X0, _mm_setzero_si128());
 
     /* Init the counter */
     if (gcmParams->ulIvLen == 12) {
         _mm_storeu_si128((__m128i *)gcm->CTR,
--- a/lib/freebl/rijndael.c
+++ b/lib/freebl/rijndael.c
@@ -326,17 +326,17 @@ gen_TInvXi(PRUint8 tx, PRUint8 i)
  */
 static void
 rijndael_key_expansion7(AESContext *cx, const unsigned char *key, unsigned int Nk)
 {
     unsigned int i;
     PRUint32 *W;
     PRUint32 *pW;
     PRUint32 tmp;
-    W = cx->expandedKey;
+    W = cx->k.expandedKey;
     /* 1.  the first Nk words contain the cipher key */
     memcpy(W, key, Nk * 4);
     i = Nk;
     /* 2.  loop until full expanded key is obtained */
     pW = W + i - 1;
     for (; i < cx->Nb * (cx->Nr + 1); ++i) {
         tmp = *pW++;
         if (i % Nk == 0)
@@ -358,17 +358,17 @@ rijndael_key_expansion(AESContext *cx, c
     PRUint32 *W;
     PRUint32 *pW;
     PRUint32 tmp;
     unsigned int round_key_words = cx->Nb * (cx->Nr + 1);
     if (Nk == 7) {
         rijndael_key_expansion7(cx, key, Nk);
         return;
     }
-    W = cx->expandedKey;
+    W = cx->k.expandedKey;
     /* The first Nk words contain the input cipher key */
     memcpy(W, key, Nk * 4);
     i = Nk;
     pW = W + i - 1;
     /* Loop over all sets of Nk words, except the last */
     while (i < round_key_words - Nk) {
         tmp = *pW++;
         tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
@@ -435,17 +435,17 @@ rijndael_invkey_expansion(AESContext *cx
     PRUint32 *roundkeyw;
     PRUint8 *b;
     int Nb = cx->Nb;
     /* begins like usual key expansion ... */
     rijndael_key_expansion(cx, key, Nk);
     /* ... but has the additional step of InvMixColumn,
      * excepting the first and last round keys.
      */
-    roundkeyw = cx->expandedKey + cx->Nb;
+    roundkeyw = cx->k.expandedKey + cx->Nb;
     for (r = 1; r < cx->Nr; ++r) {
         /* each key word, roundkeyw, represents a column in the key
          * matrix.  Each column is multiplied by the InvMixColumn matrix.
          *   [ 0E 0B 0D 09 ]   [ b0 ]
          *   [ 09 0E 0B 0D ] * [ b1 ]
          *   [ 0D 09 0E 0B ]   [ b2 ]
          *   [ 0B 0D 09 0E ]   [ b3 ]
          */
@@ -533,17 +533,17 @@ rijndael_encryptBlock128(AESContext *cx,
         pIn = (unsigned char *)input;
     }
     if ((ptrdiff_t)output & 0x3) {
         pOut = (unsigned char *)outBuf;
     } else {
         pOut = (unsigned char *)output;
     }
 #endif
-    roundkeyw = cx->expandedKey;
+    roundkeyw = cx->k.expandedKey;
     /* Step 1: Add Round Key 0 to initial state */
     COLUMN_0(state) = *((PRUint32 *)(pIn)) ^ *roundkeyw++;
     COLUMN_1(state) = *((PRUint32 *)(pIn + 4)) ^ *roundkeyw++;
     COLUMN_2(state) = *((PRUint32 *)(pIn + 8)) ^ *roundkeyw++;
     COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw++;
     /* Step 2: Loop over rounds [1..NR-1] */
     for (r = 1; r < cx->Nr; ++r) {
         /* Do ShiftRow, ByteSub, and MixColumn all at once */
@@ -628,17 +628,17 @@ rijndael_decryptBlock128(AESContext *cx,
         pIn = (unsigned char *)input;
     }
     if ((ptrdiff_t)output & 0x3) {
         pOut = (unsigned char *)outBuf;
     } else {
         pOut = (unsigned char *)output;
     }
 #endif
-    roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
+    roundkeyw = cx->k.expandedKey + cx->Nb * cx->Nr + 3;
     /* reverse the final key addition */
     COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw--;
     COLUMN_2(state) = *((PRUint32 *)(pIn + 8)) ^ *roundkeyw--;
     COLUMN_1(state) = *((PRUint32 *)(pIn + 4)) ^ *roundkeyw--;
     COLUMN_0(state) = *((PRUint32 *)(pIn)) ^ *roundkeyw--;
     /* Loop over rounds in reverse [NR..1] */
     for (r = cx->Nr; r > 1; --r) {
         /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
--- a/lib/freebl/rijndael.h
+++ b/lib/freebl/rijndael.h
@@ -63,17 +63,17 @@ typedef void AESBlockFunc(AESContext *cx
 struct AESContextStr {
     /* NOTE: Offsets to members in this struct are hardcoded in assembly.
      * Don't change the struct without updating intel-aes.s and intel-gcm.s. */
     union {
 #if defined(NSS_X86_OR_X64)
         __m128i keySchedule[15];
 #endif
         PRUint32 expandedKey[RIJNDAEL_MAX_EXP_KEY_SIZE];
-    };
+    } k;
     unsigned int Nb;
     unsigned int Nr;
     freeblCipherFunc worker;
     unsigned char iv[AES_BLOCK_SIZE];
     freeblDestroyFunc destroy;
     void *worker_cx;
     PRBool isBlock;
     int mode;
--- a/lib/ssl/config.mk
+++ b/lib/ssl/config.mk
@@ -55,12 +55,8 @@ ifeq ($(OS_ARCH), BeOS)
 EXTRA_SHARED_LIBS += -lbe
 endif
 
 endif
 
 ifdef NSS_DISABLE_TLS_1_3
 DEFINES += -DNSS_DISABLE_TLS_1_3
 endif
-
-ifeq (,$(filter-out DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
-CFLAGS += -std=gnu99
-endif
--- a/lib/ssl/ssl.gyp
+++ b/lib/ssl/ssl.gyp
@@ -65,21 +65,16 @@
             'unix_err.c'
           ],
         }],
         [ 'fuzz_tls==1', {
           'defines': [
             'UNSAFE_FUZZER_MODE',
           ],
         }],
-        [ 'OS=="dragonfly" or OS=="freebsd" or OS=="netbsd" or OS=="openbsd" or OS=="linux"', {
-          'cflags': [
-            '-std=gnu99',
-          ],
-        }],
         [ 'enable_sslkeylogfile==1', {
           'defines': [
             'NSS_ALLOW_SSLKEYLOGFILE',
           ],
         }],
       ],
       'dependencies': [
         '<(DEPTH)/exports.gyp:nss_exports',