1 From: Hans Petter Jansson <hpj@copyleft.no> |
|
2 Wolfgang Rosenauer <wr@rosenauer.org> |
|
3 Subject: use libnsssharedhelper if available at compile time |
|
4 (can be disabled by exporting MOZ_XRE_NO_NSSHELPER=1) |
|
5 References: |
|
6 |
|
7 diff --git a/old-configure.in b/old-configure.in |
|
8 --- a/old-configure.in |
|
9 +++ b/old-configure.in |
|
10 @@ -5358,16 +5358,31 @@ esac |
|
11 |
|
12 AC_SUBST(MOZ_TREE_CAIRO) |
|
13 AC_SUBST_LIST(MOZ_CAIRO_CFLAGS) |
|
14 AC_SUBST_LIST(MOZ_CAIRO_LIBS) |
|
15 AC_SUBST_LIST(MOZ_CAIRO_OSLIBS) |
|
16 AC_SUBST(MOZ_TREE_PIXMAN) |
|
17 |
|
18 dnl ======================================================== |
|
19 +dnl Check for nss-shared-helper |
|
20 +dnl ======================================================== |
|
21 + |
|
22 + PKG_CHECK_MODULES(NSSHELPER, nss-shared-helper, |
|
23 + [MOZ_ENABLE_NSSHELPER=1], |
|
24 + [MOZ_ENABLE_NSSHELPER=]) |
|
25 + |
|
26 +if test "$MOZ_ENABLE_NSSHELPER"; then |
|
27 + AC_DEFINE(MOZ_ENABLE_NSSHELPER) |
|
28 +fi |
|
29 +AC_SUBST(MOZ_ENABLE_NSSHELPER) |
|
30 +AC_SUBST_LIST(NSSHELPER_CFLAGS) |
|
31 +AC_SUBST_LIST(NSSHELPER_LIBS) |
|
32 + |
|
33 +dnl ======================================================== |
|
34 dnl disable xul |
|
35 dnl ======================================================== |
|
36 MOZ_ARG_DISABLE_BOOL(xul, |
|
37 [ --disable-xul Disable XUL], |
|
38 MOZ_XUL= ) |
|
39 if test "$MOZ_XUL"; then |
|
40 AC_DEFINE(MOZ_XUL) |
|
41 else |
|
42 diff --git a/security/manager/ssl/moz.build b/security/manager/ssl/moz.build |
|
43 --- a/security/manager/ssl/moz.build |
|
44 +++ b/security/manager/ssl/moz.build |
|
45 @@ -160,16 +160,19 @@ if CONFIG['MOZ_XUL']: |
|
46 ] |
|
47 |
|
48 UNIFIED_SOURCES += [ |
|
49 'md4.c', |
|
50 ] |
|
51 |
|
52 FINAL_LIBRARY = 'xul' |
|
53 |
|
54 +CXXFLAGS += sorted(CONFIG['NSSHELPER_CFLAGS']) |
|
55 +OS_LIBS += sorted(CONFIG['NSSHELPER_LIBS']) |
|
56 + |
|
57 LOCAL_INCLUDES += [ |
|
58 '/dom/base', |
|
59 '/dom/crypto', |
|
60 '/security/certverifier', |
|
61 '/security/pkix/include', |
|
62 ] |
|
63 |
|
64 LOCAL_INCLUDES += [ |
|
65 diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp |
|
66 --- a/security/manager/ssl/nsNSSComponent.cpp |
|
67 +++ b/security/manager/ssl/nsNSSComponent.cpp |
|
68 @@ -1,14 +1,21 @@ |
|
69 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
|
70 * |
|
71 * This Source Code Form is subject to the terms of the Mozilla Public |
|
72 * License, v. 2.0. If a copy of the MPL was not distributed with this |
|
73 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
|
74 |
|
75 +#ifdef MOZ_ENABLE_NSSHELPER |
|
76 +#pragma GCC visibility push(default) |
|
77 +#include <nss-shared-helper.h> |
|
78 +#pragma GCC visibility pop |
|
79 +#include "prenv.h" |
|
80 +#endif |
|
81 + |
|
82 #include "nsNSSComponent.h" |
|
83 |
|
84 #include "ExtendedValidation.h" |
|
85 #include "NSSCertDBTrustDomain.h" |
|
86 #include "ScopedNSSTypes.h" |
|
87 #include "SharedSSLState.h" |
|
88 #include "cert.h" |
|
89 #include "certdb.h" |
|
90 @@ -1702,17 +1709,31 @@ nsNSSComponent::InitializeNSS() |
|
91 return rv; |
|
92 } |
|
93 } |
|
94 MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("inSafeMode: %u\n", inSafeMode)); |
|
95 |
|
96 if (!nocertdb && !profileStr.IsEmpty()) { |
|
97 // First try to initialize the NSS DB in read/write mode. |
|
98 // Only load PKCS11 modules if we're not in safe mode. |
|
99 +#ifdef MOZ_ENABLE_NSSHELPER |
|
100 + if (PR_GetEnv("MOZ_XRE_NO_NSSHELPER")) { |
|
101 + init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false, !inSafeMode); |
|
102 + } else { |
|
103 + uint32_t flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; |
|
104 + init_rv = ::nsshelp_open_db ("Firefox", profileStr.get(), flags); |
|
105 + |
|
106 + if (init_rv != SECSuccess) { |
|
107 + MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("can not init NSS using nsshelp_open_db in %s\n", profileStr.get())); |
|
108 + init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false, !inSafeMode); |
|
109 + } |
|
110 + } |
|
111 +#else |
|
112 init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false, !inSafeMode); |
|
113 +#endif |
|
114 // If that fails, attempt read-only mode. |
|
115 if (init_rv != SECSuccess) { |
|
116 MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("could not init NSS r/w in %s\n", profileStr.get())); |
|
117 init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), true, !inSafeMode); |
|
118 } |
|
119 if (init_rv != SECSuccess) { |
|
120 MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("could not init in r/o either\n")); |
|
121 } |
|
122 diff --git a/toolkit/library/moz.build b/toolkit/library/moz.build |
|
123 --- a/toolkit/library/moz.build |
|
124 +++ b/toolkit/library/moz.build |
|
125 @@ -220,16 +220,18 @@ OS_LIBS += CONFIG['MOZ_CAIRO_OSLIBS'] |
|
126 OS_LIBS += CONFIG['MOZ_WEBRTC_X11_LIBS'] |
|
127 |
|
128 if CONFIG['SERVO_TARGET_DIR']: |
|
129 if CONFIG['_MSC_VER']: |
|
130 OS_LIBS += ['%s/geckoservo' % CONFIG['SERVO_TARGET_DIR']] |
|
131 else: |
|
132 OS_LIBS += ['-L%s' % CONFIG['SERVO_TARGET_DIR'], '-lgeckoservo'] |
|
133 |
|
134 +OS_LIBS += sorted(CONFIG['NSSHELPER_LIBS']) |
|
135 + |
|
136 if CONFIG['MOZ_SYSTEM_JPEG']: |
|
137 OS_LIBS += CONFIG['MOZ_JPEG_LIBS'] |
|
138 |
|
139 if CONFIG['MOZ_SYSTEM_PNG']: |
|
140 OS_LIBS += CONFIG['MOZ_PNG_LIBS'] |
|
141 |
|
142 if CONFIG['MOZ_SYSTEM_HUNSPELL']: |
|
143 OS_LIBS += CONFIG['MOZ_HUNSPELL_LIBS'] |
|