mozilla: comparison mozilla-shared-nss-db.patch

equal deleted inserted replaced

-:83801946c93f
+:6a889427cd4f
 References:
 diff --git a/configure.in b/configure.in
 --- a/configure.in
 +++ b/configure.in
-@@ -8309,16 +8309,31 @@ if test "$MOZ_ENABLE_SKIA"; then
+@@ -8310,16 +8310,31 @@ if test "$MOZ_ENABLE_SKIA"; then
 AC_DEFINE(USE_SKIA_GPU)
 AC_SUBST(MOZ_ENABLE_SKIA_GPU)
 fi
 fi
 AC_SUBST(MOZ_ENABLE_SKIA)
 AC_DEFINE(MOZ_XUL)
 else
 diff --git a/security/manager/ssl/moz.build b/security/manager/ssl/moz.build
 --- a/security/manager/ssl/moz.build
 +++ b/security/manager/ssl/moz.build
-@@ -156,16 +156,19 @@ FAIL_ON_WARNINGS = True
+@@ -160,16 +160,19 @@ UNIFIED_SOURCES += [
 FINAL_LIBRARY = 'xul'
 LOCAL_INCLUDES += [
 '/dom/base',
 '/security/certverifier',
 ]
 +CXXFLAGS += sorted(CONFIG['NSSHELPER_CFLAGS'])
 +OS_LIBS += sorted(CONFIG['NSSHELPER_LIBS'])
 +
-GENERATED_INCLUDES += [
+LOCAL_INCLUDES += [
-'/dist/public/nss',
+'!/dist/public/nss',
 ]
 if CONFIG['NSS_DISABLE_DBM']:
 DEFINES['NSS_DISABLE_DBM'] = '1'
 +
 #include "nsNSSComponent.h"
 #include "ExtendedValidation.h"
 #include "NSSCertDBTrustDomain.h"
-#include "mozilla/Telemetry.h"
+#include "SharedSSLState.h"
-#include "nsAppDirectoryServiceDefs.h"
+#include "mozilla/Preferences.h"
-#include "nsCertVerificationThread.h"
+#include "mozilla/PublicSSL.h"
-#include "nsAppDirectoryServiceDefs.h"
+#include "mozilla/Services.h"
-@@ -1015,17 +1022,31 @@ nsNSSComponent::InitializeNSS()
+@@ -1007,17 +1014,31 @@ nsNSSComponent::InitializeNSS()
-return NS_ERROR_NOT_AVAILABLE;
+return rv;
+}
 }
+MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("inSafeMode: %u\n", inSafeMode));
-SECStatus init_rv = SECFailure;
-bool nocertdb = Preferences::GetBool("security.nocertdb", false);
 if (!nocertdb && !profileStr.IsEmpty()) {
 // First try to initialize the NSS DB in read/write mode.
+// Only load PKCS11 modules if we're not in safe mode.
 +#ifdef MOZ_ENABLE_NSSHELPER
 +    if (PR_GetEnv("MOZ_XRE_NO_NSSHELPER")) {
-+      init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false);
++      init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false, !inSafeMode);
 +    } else {
 +      uint32_t flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE;
 +      init_rv = ::nsshelp_open_db ("Firefox", profileStr.get(), flags);
 +
 +      if (init_rv != SECSuccess) {
 +        MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("can not init NSS using nsshelp_open_db in %s\n", profileStr.get()));
-+        init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false);
++        init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false, !inSafeMode);
 +      }
 +    }
 +#else
-init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false);
+init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false, !inSafeMode);
 +#endif
 // If that fails, attempt read-only mode.
 if (init_rv != SECSuccess) {
 MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("could not init NSS r/w in %s\n", profileStr.get()));
-init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), true);
+init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), true, !inSafeMode);
 }
 if (init_rv != SECSuccess) {
 MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("could not init in r/o either\n"));
 }
 diff --git a/toolkit/library/moz.build b/toolkit/library/moz.build

branch	firefox45
changeset 904	6a889427cd4f
parent 885	ee3c462047d5
child 916	2f9f2e040647